blog.checkpoint.com Open in urlscan Pro
18.164.52.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-the...
Submission: On June 21 via api (June 21st 2023, 2:02:23 pm UTC) from DE — Scanned from DE

Summary HTTP 65 Redirects Links 153 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 65 HTTP transactions. The main IP is 18.164.52.54, located in United States and belongs to AMAZON-02, US. The main domain is blog.checkpoint.com. The Cisco Umbrella rank of the primary domain is 852974.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 25th 2022. Valid for: a year.

This is the only time blog.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	18.164.52.54 18.164.52.54	16509 (AMAZON-02) (AMAZON-02)
2	108.139.243.4 108.139.243.4	() ()
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	18.164.52.7 18.164.52.7	16509 (AMAZON-02) (AMAZON-02)
3	104.103.104.209 104.103.104.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	12

31 18.164.52.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-54.cdg50.r.cloudfront.net

blog.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.243.4 (United States)

ASN- ()
PTR: server-108-139-243-4.mxp63.r.cloudfront.net

a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.164.52.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-7.cdg50.r.cloudfront.net

www.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.103.104.209 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-104-209.deploy.static.akamaitechnologies.com

sc1.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	checkpoint.com blog.checkpoint.com — Cisco Umbrella Rank: 852974 www.checkpoint.com — Cisco Umbrella Rank: 166727 sc1.checkpoint.com — Cisco Umbrella Rank: 24626	641 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 413	159 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3657	71 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	144 KB
2	awswaf.com a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com	267 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 684	303 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	109 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 997	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	970 B
65	9

	Domain	Requested by
31	blog.checkpoint.com	blog.checkpoint.com
13	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
8	www.checkpoint.com	blog.checkpoint.com sc1.checkpoint.com
3	sc1.checkpoint.com	blog.checkpoint.com sc1.checkpoint.com
2	cdn.onesignal.com	blog.checkpoint.com cdn.onesignal.com
2	code.jquery.com	blog.checkpoint.com
2	a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com	blog.checkpoint.com a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	blog.checkpoint.com
1	maxcdn.bootstrapcdn.com	blog.checkpoint.com
1	fonts.googleapis.com	blog.checkpoint.com
65	11

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
supportcenter.checkpoint.com
usercenter.checkpoint.com
www.checkpoint.com.cn
help.checkpoint.com
training-certifications.checkpoint.com
cyberpark.checkpoint.com
business.fiverr.com
partnerlocator.checkpoint.com
catalog.checkpoint.com
resources.checkpoint.com
research.checkpoint.com
www.cybertalk.org
community.checkpoint.com
www.facebook.com
twitter.com
www.linkedin.com
www.reddit.com
pages.checkpoint.com
www.youtube.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.checkpoint.com GlobalSign GCC R3 DV TLS CA 2020	`2022-10-25` - `2023-11-26`	a year	crt.sh
*.859af6bf.eu-west-3.token.awswaf.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-18`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Frame ID: E8A69329DC44CD8B63E9C42A2CCE6573
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

‘Sign in to continue’ and suffer : Attackers abusing legitimate services for credential theft - Check Point BlogBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-service... Page URL
https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-service... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

65
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

1489 kB
Transfer

5460 kB
Size

5
Cookies

153 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/demos/
Title: Free Demo!

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/index.jsp
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/
Title: English (English)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/es/
Title: Spanish (Español)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/fr/
Title: French (Français)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/de/
Title: German (Deutsch)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/it/
Title: Italian (Italiano)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pt/
Title: Portuguese (Português)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/ru/
Title: Russian (Русский)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/jp/
Title: Japanese (日本語)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com.cn/
Title: Chinese (中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cz/
Title: Czech (čeština)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/id/
Title: Indonesian (Bahasa Indonesia)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/kr/
Title: Korean (한국어)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/nl/
Title: Dutch (Nederlands)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pl/
Title: Polish (Polszczyzna)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/tr/
Title: Turkish (Türkçe)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/tw/
Title: Taiwan (繁體中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/vi/
Title: Vietnamese (Tiếng Việt)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/
Title: QUANTUM

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/maestro-hyperscale-network-security/
Title: Quantum Maestro

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/lightspeed/
Title: Quantum Lightspeed

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/
Title: Quantum Security Gateway

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/sd-wan/
Title: Quantum SD-WAN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/small-business-security/
Title: Quantum Spark

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/iot-protect/
Title: Quantum IoT Protect

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/remote-access-vpn/
Title: Quantum VPN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-appliances/
Title: Quantum Smart-1

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/
Title: Quantum Smart-1 Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/
Title: Quantum Cyber Security Platform

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/
Title: CLOUDGUARD

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/
Title: CloudGuard Network

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/iaas-private-cloud-security/
Title: CloudGuard Private Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/iaas-public-cloud-security/
Title: CloudGuard Public Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cnapp/
Title: CloudGuard CNAPP

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-security-posture-management/
Title: CloudGuard Posture Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/workload-protection/
Title: CloudGuard Workload

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/appsec/
Title: CloudGuard AppSec

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-intelligence-threat-hunting/
Title: CloudGuard Intelligence

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/developer-security/
Title: CloudGuard Spectral

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/
Title: HARMONY

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/advanced-endpoint-protection/
Title: Harmony Endpoint

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/connect-sase/
Title: Harmony Connect (SASE)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/browse/
Title: Harmony Browse

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/email-security/email-office/
Title: Harmony Email & Collaboration

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/mobile-security/mobile/
Title: Harmony Mobile

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/horizon/
Title: HORIZON

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/horizon/mdr-mpr/
Title: Horizon MDR/MPR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/horizon/xdr-xpr/
Title: Horizon XDR/XPR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/horizon/events/
Title: Horizon Events

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/threatcloud/
Title: ThreatCloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/portal/
Title: Infinity Portal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/
Title: View All Products A-Z >

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/?utm_source=cp-home&utm_medium=cp-website&utm_campaign=infinity_ela_menu_banner&utm_content=megamenu
Title: DISCOVER

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-security-solutions/
Title: Cloud Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-migration-security/
Title: Cloud Migration Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/public-cloud-compliance-governance/
Title: Compliance in the Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/threat-hunting/
Title: Cloud Threat Hunting

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/devsecops/
Title: Developer Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/amazon-aws-security/
Title: AWS Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/microsoft-azure-security/
Title: Azure Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/google-cloud-platform-security/
Title: Google Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/network-security-solutions/
Title: Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/data-center-security/
Title: Hybrid Data Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/sd-wan-security/
Title: SD-WAN Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/zero-trust-security/
Title: Zero Trust Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/iot-security/
Title: IoT Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/endpoint-security/
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/mobile-security/
Title: Mobile Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/anti-ransomware/
Title: Anti-Ransomware

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/anti-phishing/
Title: Anti-Phishing

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/security-operations/
Title: Security Operations

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/zero-day-protection/
Title: Zero-Day Protection

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/
Title: Industry

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/retail/
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/financial-services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/government-federal-security/
Title: Government

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/industrial-control-systems/
Title: Industrial Control Systems ICS & SCADA

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/service-provider/
Title: Telco / Service Provider

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/enterprise-network-security/
Title: Large Enterprise

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/small-medium-business/
Title: Small & Medium Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/consumer-small-business/
Title: Consumer & Small Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/
Title: Solutions Overview >

Search URL Search Domain Scan URL

URL: https://help.checkpoint.com/s/
Title: Create/View Service Request

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/pro/
Title: Check Point Pro

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-plans/
Title: Support Programs

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-life-cycle-policy/
Title: Life Cycle Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/software-license-agreement-limited-hardware-warranty/
Title: License Agreement & Warranty

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/rma-return-process/
Title: RMA Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/
Title: Mind

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/#/
Title: Training & Certification

Search URL Search Domain Scan URL

URL: https://cyberpark.checkpoint.com/
Title: Cyber Park

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/secureacademy/
Title: Secure Academy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/smartawareness/
Title: SmartAwareness

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/elearning/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/clc/
Title: Redeem CLC Credits

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/
Title: Infinity Global Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/account-management/
Title: Account Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/lifecycle-management/
Title: Lifecycle Management Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/security-consulting/
Title: Security Consulting

Search URL Search Domain Scan URL

URL: https://business.fiverr.com/certified/partners/checkpoint?utm_source=fiverr_certified&utm_medium=checkpoint&utm_campaign=checkpoint_website
Title: Find a Freelance Certified Consultant

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/training/hackingpoint/
Title: VIEW COURSES

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/
Title: Channel Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/channel/
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/mssp-program/
Title: MSSP Partner Program

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/global-systems-integrators/
Title: Global Systems Integrators

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/smb/
Title: SMB Partners

Search URL Search Domain Scan URL

URL: https://partnerlocator.checkpoint.com/#/
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/technology-partners/
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/technology-partners/featured/
Title: Featured Technology Partners

Search URL Search Domain Scan URL

URL: https://catalog.checkpoint.com/
Title: Product Catalog

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,RenewalToolApp
Title: Renewal Tool

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PartnerInfoId%2CPartnerDashboard#/overview
Title: Partner Dashboard

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/SalesEnabelrsId?pageUrl=/p/campaign-central/
Title: Campaign Central

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/SalesEnabelrsId?pageUrl=/p/campaign-central/pre-packaged-agency-campaigns/
Title: Campaign Marketplace

Search URL Search Domain Scan URL

URL: https://resources.checkpoint.com/
Title: Content Resource Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/trials/
Title: Product Trials

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/customer-stories/
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/webinars/
Title: Webinars

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/
Title: Cyber Hub

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doShowprelanding&all
Title: Downloads & Documentation

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,supportQuoteToolId
Title: Renewal Pricing Tool

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/
Title: Check Point Research

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/
Title: Cyber Talk for Executives

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/
Title: CheckMates Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fblog.checkpoint.com%2Fsecurity%2Fsign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fblog.checkpoint.com%2Fsecurity%2Fsign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft%2F&text=%E2%80%98Sign%20in%20to%20continue%E2%80%99%20and%20suffer%20:%20Attackers%20abusing%20legitimate%20services%20for%20credential%20theft

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fblog.checkpoint.com%2Fsecurity%2Fsign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft%2F

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fblog.checkpoint.com%2Fsecurity%2Fsign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft%2F

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/threatcloud-ai/
Title: AI Deep Learning

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/miercom-firewall-benchmark2023.html
Title: Miercom

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-phishing/
Title: phishing attacks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-email-security/email-security-awareness-to-employees/
Title: Security Awareness Training

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/data-loss-prevention/
Title: DLP Solution

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/anti-phishing/
Title: 6. Anti-Phishing Solution

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointsoftware

Search URL Search Domain Scan URL

URL: https://twitter.com/checkpointsw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CPGlobal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/copyright/
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/cookies/
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455 Page URL
https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 202 / Show response
blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/ 1 KB
2 KB 130ms
40ms Document
text/html 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-54.cdg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: fe0c457b5d8725177221466331346165bbcb772507b4fcedb96be840df18dd9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, max-age=0
content-length: 1306
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 14:02:17 GMT
server: CloudFront
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-id: iaW2AKBlj33QeP1oMZn6aCDYsE1OLbFhVIO9k0TjOdF35lbnbh-cTQ==
x-amz-cf-pop: CDG50-P4
x-amzn-waf-action: challenge
x-cache: Error from cloudfront

GET
H2 200 challenge.js Show response
a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com/a56a6a6f5963/c3e8f71e82c9/928d8296191b/ 997 KB
266 KB 509ms
134ms Script
text/javascript 108.139.243.4

General

Check archive.org

Show headers Download Go to

Full URL: https://a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com/a56a6a6f5963/c3e8f71e82c9/928d8296191b/challenge.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.4 , United States, ASN (),
Reverse DNS: server-108-139-243-4.mxp63.r.cloudfront.net
Software: /
Resource Hash: 311cafa87f029f1ea6f23b120ba085793df9817a59c0ecd8d4e9e3364c7fd831

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:18 GMT
content-encoding: gzip
via: 1.1 e0062aca9ee6d0119808cbfccfdda9da.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-649302ea-18d843ba1840081030821758
content-type: text/javascript
cache-control: private, max-age=86400
x-amz-cf-id: t5mP70rXkomjn3x4fB9up_UgjN7oAdbeaoKU2LqEtijHijwtvqQkQg==
expires: 0

POST
H2 200 verify Show response
a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com/a56a6a6f5963/c3e8f71e82c9/928d8296191b/ 308 B
728 B 222ms
142ms Fetch
application/json 108.139.243.4

General

Check archive.org

Show headers Download Go to

Full URL: https://a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com/a56a6a6f5963/c3e8f71e82c9/928d8296191b/verify
Requested by: Host: a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com
URL: https://a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com/a56a6a6f5963/c3e8f71e82c9/928d8296191b/challenge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.4 , United States, ASN (),
Reverse DNS: server-108-139-243-4.mxp63.r.cloudfront.net
Software: /
Resource Hash: 32a869bf406c332cb426542c74fd2b1e37bd12515731b60777273d354c049d69

Request headers

Referer: https://blog.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:18 GMT
via: 1.1 43caad45fe33928cc863afe8f8e92576.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-649302ea-2f3ddc4a6dc7bb8544f5a18c
cache-control: no-cache, no-store, must-revalidate
content-length: 308
x-amz-cf-id: 2PE9KNHvzCWCFJ-S78793z3kJoNPK45gVzzAvkuZE3Kaxh1Iw0FKiA==
expires: 0

GET
H2 200 Primary Request / Show response
blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/ 150 KB
31 KB 511ms
511ms Document
text/html 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx / WP Engine

Resource Hash

1079c34b0965d16e4a47f9535523db3bce0ad3be5511f37e88d3ba4b14638ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 14:02:19 GMT
link: <https://blog.checkpoint.com/?p=244455>; rel=shortlink
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding,Cookie
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-id: YC9SIJ40ZXWN2Z8H_ZCndRX2MXXlxIMdujHh-JaKG7KYSN-KNKK5Ow==
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine

GET
H2 200 style.min.css
blog.checkpoint.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 200ms
197ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:19 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 04 Apr 2023 16:08:57 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"642c4b99-17ced"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: IQB749K6zkxoeTwWZxGB_Fyp5y_OsYYtT0reCZBNTRA4nRkgRTsxAg==

GET
H2 200 classic-themes.min.css
blog.checkpoint.com/wp-includes/css/ 291 B
645 B 400ms
397ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 04 Apr 2023 16:08:57 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"642c4b99-123"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: LF9AnlpaXoRz5eND0f61Ab4D2c76ssZ0Eui3ERXwuTOqMABS6MLSYw==

GET
H2 200 boostrap.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 118 KB
20 KB 638ms
635ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/boostrap.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-1d946"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: -2qxHSgJpwPl1ayTwKFpPpL3RqHOQ73onO_G2Sc4AlaChNcJ0fp1UA==

GET
H2 200 owl-carousel.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 3 KB
1 KB 631ms
628ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/owl-carousel.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

f1be068e1e417b77745a1587d48b8ecdc27627d2a61983acb1b3df24eb383544

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-bd1"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: jZb6OOY7vPV-TFa-MZOAC8O6UoXCy4AWBmKsvmQ71zUj8FqCHqNrkw==

GET
H2 200 perfect-scrollbar.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 5 KB
1 KB 618ms
615ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/perfect-scrollbar.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

5840ec787b934fc80f101b6e22686e9e779d28a7024ebff3a75804b40fef6be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-1251"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 51nKmbZ04A4AQJIdCI2Acrc59jjZhkM-n5c19NbmIxU6fWDvTAtuvQ==

GET
H2 200 magnific-popup.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 5 KB
2 KB 396ms
393ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/magnific-popup.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

39587eb320ad541e207d4feebd137e663a562402524bf5dba0a563731a01e4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-15d6"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: d2qVhWlCqgtW9bGUqdobJDrGzsUPBiLEGDOvqLRgvDsx6iMcdaVttA==

GET
H2 200 fotorama.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 15 KB
3 KB 399ms
396ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/fotorama.css?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

3e275292d958f60b0509448e22870378fc1e3d0c6528850eb2980efcc20f530f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-3b28"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: lESKdBi_JbshINfUHK3y1E9j_MHERVrW2AFsR_hOaINgvTjOi-6ROg==

GET
H2 200 style.css
blog.checkpoint.com/wp-content/themes/atoms/css/ 997 KB
121 KB 646ms
643ms Stylesheet
text/css 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/style.css?ver=6.0.5

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

da940e0ede527f5a28f3a0fab37b661b7c48025ed57f39d4450d5848c66c2690

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 16 May 2023 22:43:11 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"646406ff-f9353"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 3LLh964TEs2w7chUHDdubvUrusBgJZusHMgQ3gijJUoH9yJ7vNGaxg==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
970 B 190ms
66ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap&ver=1680554497

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:36:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:02:19 GMT

GET
H2 200 jquery-3.7.0.min.js Show response
blog.checkpoint.com/wp-content/plugins/jquery-updater/js/ 85 KB
30 KB 504ms
502ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/plugins/jquery-updater/js/jquery-3.7.0.min.js?ver=3.7.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 13 May 2023 02:48:05 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"645efa65-155a6"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: eGZpMdentSEgapTO0AehfTCVPRiqA-uuEkJQyHsofOyML-77lemssg==

GET
H2 200 jquery-migrate-3.4.0.min.js Show response
blog.checkpoint.com/wp-content/plugins/jquery-updater/js/ 13 KB
5 KB 614ms
612ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 13 May 2023 02:48:05 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"645efa65-3470"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: yEyNElphlRNAXLdhH2JddhUhHW__TJ5v5vK7_LU9eerOWNx5QMCuyA==

GET
H2 200 page-font-awesome-Base64.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 105 KB
70 KB 627ms
521ms Stylesheet
text/css 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/page-font-awesome-Base64.css

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

19cc00e7c06ab1a6fb3cb5991e7c81b7b25b3babad166141815663895a8d7801

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: W/"63055d6c-1a52d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: tLUYpPcmSgGVEd6dUbeWeB5uVvKP0Y5tCwtqGubkye9XiT3VvVCtXA==

GET
H2 200 page-font-DIN-Base64.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 61 KB
46 KB 328ms
222ms Stylesheet
text/css 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/page-font-DIN-Base64.css

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

30e7388b5f275fd1c09ad27e41ed9ad5fa01a97a02d4cd119d66699e62c982db

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:19 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: W/"63055d6c-f247"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: 5Z4lKvEzByzq5CbBRtbPd0Iu-bWeO2Ux8FdOE2kXJjxeQD50d3r2tg==

GET
H/1.1 200
OK page-cp-unified-v1.css
sc1.checkpoint.com/sc1/css/ 292 KB
38 KB 197ms
61ms Stylesheet
text/css 104.103.104.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.104.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-104-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7173289d3ce39119fa628f8484128c8041d3270634a9f07afdd4f32a7d46079e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:02:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 17:38:15 GMT
Server: AkamaiNetStorage
ETag: "ead5a9b550fcdc68812dbcd86c5f9dda:1678903383.838936"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 38535

GET
H2 200 jquery-3.4.0.js Show response
code.jquery.com/ 273 KB
81 KB 105ms
32ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa

Request headers

Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:19 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-44534"
vary: Accept-Encoding
x-hw: 1687356139.dop231.am5.t,1687356139.cds240.am5.hn,1687356139.cds324.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82681

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ 235 KB
63 KB 168ms
95ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:19 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-3ab2b"
vary: Accept-Encoding
x-hw: 1687356139.dop231.am5.t,1687356139.cds240.am5.hn,1687356139.cds317.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64296

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 115ms
42ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 5996416
cdn-cachedat: 11/15/2022 10:30:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 98193fcafa7b68a988df70b3559f9a96
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7dacc9e21d289945-FRA
cdn-requestpullsuccess: True

GET
H2 200 under-attack.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 3 KB
4 KB 175ms
173ms Image
image/png 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/under-attack.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-length: 3084
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-c0c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: AuM1d78c-lcBK-Eo3k16GzE_eztlalA2l9CAKI5Eahxd4eneVutjjA==

GET
H2 200 search-btn.png
blog.checkpoint.com/wp-content/themes/atoms/images/ 2 KB
2 KB 206ms
204ms Image
image/png 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/images/search-btn.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "63055d6c-729"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1833
x-amz-cf-id: QKm7d57MsE088I0txS1SJaczwCcqaqsFatBDpb3U4KnI4aI79I9yTg==

GET
H2 200 wp-emoji-release.min.js Show response
blog.checkpoint.com/wp-includes/js/ 18 KB
5 KB 437ms
435ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 04 Apr 2023 16:08:57 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"642c4b99-4904"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: n4XtQzynExhofBvTuWEfKAOU9gA2dW6spWQHCaziu5e3RokrqmPUoQ==

GET
H2 200 search-btn.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 171ms
169ms Image
image/png 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-length: 1833
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-729"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: IW4HN0BicqvInDP7wfbqRSLKRJXyPb217Hm93BFid-9BIe_PRT-Aag==

GET
H2 200 checkpoint-logo.png
blog.checkpoint.com/wp-content/themes/atoms/images/ 6 KB
6 KB 432ms
430ms Image
image/png 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/images/checkpoint-logo.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

872a5945dde72a609a3139fbd4090d0b187a80c1cf3eec95b1f8ed0ce6126f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 21:18:18 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "63f5351a-1840"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6208
x-amz-cf-id: dh2K7Ft2lyp1wIAuvzv0EcxWL45ozdz3oLkGf8g3lMRsAmWYm2dYcg==

GET
H2 200 featured-image-default-a-1320x462.jpg
blog.checkpoint.com/wp-content/uploads/2023/03/ 51 KB
51 KB 541ms
539ms Image
image/jpeg 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/03/featured-image-default-a-1320x462.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

bfa4803a49cf717fcd562cb697bf5f8aefe4979c6f3596893d07517c8db8c479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Thu, 30 Mar 2023 22:52:06 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "64261296-cab6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51894
x-amz-cf-id: cfoBMDNeMzCfJyhUPU_6nuclGFCpyumKgD7aJcsjPjb7UppGm8OmsQ==

GET
H/1.1 200
OK nav_unified.js Show response
sc1.checkpoint.com/sc1/unified/js/ 8 KB
2 KB 43ms
43ms Script
application/x-javascript 104.103.104.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/sc1/unified/js/nav_unified.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.104.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-104-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2036f63c988ea61768ec5387b03c0b9eb6a5901291a9b700806eb6d07d6a15bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:02:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 17:03:47 GMT
Server: AkamaiNetStorage
ETag: "714caa79dd5a7bac9d0c006768312dc0:1666287285.408875"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1707

GET
H2 200 footer.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 3 KB
2 KB 394ms
394ms Script
application/javascript 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/footer.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

ba36ba3a5a611a0a0284b826442804783bf8524e7ca724f6c440d8a5dc6b8702

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 30 Jan 2023 16:17:32 GMT
server: nginx
etag: W/"63d7ed9c-a7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: oen3OwwmdDeshUCs-CEoOcCWTYi5i_e38E4SC5STl-4II8uw9csWQg==

GET
H2 200 imagesloaded.min.js Show response
blog.checkpoint.com/wp-includes/js/ 5 KB
2 KB 172ms
171ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"5ee520a7-15fd"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 2OwVSKoJdwhRkA78JCOjNNcjVKru7rSwSrUJ1O3zia0Dk-C6hEICvA==

GET
H2 200 masonry.min.js Show response
blog.checkpoint.com/wp-includes/js/ 24 KB
8 KB 185ms
183ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"5ee520a7-5e4a"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: -0oaHNh7fOn5RZb7qnGbEolBgN70-jXm2UxGa-NjusTicVC6tuqjZQ==

GET
H2 200 jquery.masonry.min.js Show response
blog.checkpoint.com/wp-includes/js/jquery/ 2 KB
1 KB 397ms
394ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"57b604a2-71b"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: tLcZHBS0GBiesOCa4pN4t7RYFETdQgK0G_rmdnsVxYD6rccK6bDgPg==

GET
H2 200 throttle-debounce.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 497 B
762 B 177ms
174ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/throttle-debounce.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

e2d885cb2748a4fc83a4e415466a529453aaaa0f537cb31fe2e6f108472fc5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-1f1"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: wi3GI6o5pblvFvE2MtFzx68aUkBFhE_c6WJOw4JRSRSmaHzP8GiYng==

GET
H2 200 bootstrap.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 36 KB
10 KB 422ms
419ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/bootstrap.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-90bb"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 5zTzms5OyHOeCF5M5hy-igQtSXdk9VNVg6vbE6h7w6e0BstwgyjXqw==

GET
H2 200 fotorama.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 38 KB
16 KB 510ms
507ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/fotorama.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

7b0efce477888066982b251fa52c0e442e90a0f7506cc5f9e838eeb6c1cfeb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-99ae"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: rY9bCXpFrWNCcSZ5C7t1X3fR2AwUWSVJJL1qOqsJKUIHIWur23Yu8Q==

GET
H2 200 owl-carousel.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 43 KB
12 KB 404ms
401ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/owl-carousel.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-ad3c"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Uh9FfrMQfk6QV-jysOju44m55OyWdB5dhMZBTGL8wErLPBzMpbX5SQ==

GET
H2 200 theiaStickySidebar.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 5 KB
2 KB 173ms
171ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/theiaStickySidebar.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

020ff6e3208f27e7c096ce43b605ff22e4b1acb2a34dbae3ecd07da10d25ead4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-13ff"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: YZyrduqonwaL9HXSrZ9kV8y8Vmsa13QNy27rukHNi-0TJ3MNcz9b6A==

GET
H2 200 fitvids.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 3 KB
2 KB 405ms
402ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/fitvids.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63460234-cf9"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: gPLwgm8PWDLVoqIWj1B3HJRJXtk8O9b-SRegN01wK265NIeuWiWY_A==

GET
H2 200 scripts.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/ 170 KB
26 KB 515ms
512ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/scripts.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

4f17c8a0e6cefa97ee8778b9c3bcdbde195b6e18ef434c8a377af2096a7320ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Thu, 23 Feb 2023 23:23:16 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"63f7f564-2a907"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: IBmwk8OUc_fGhQd8XbEo9VFdQpXKJ3h6Q53KxArL68Wjd5MQLIcTcw==

GET
H2 200 comment-reply.min.js Show response
blog.checkpoint.com/wp-includes/js/ 3 KB
2 KB 174ms
172ms Script
application/javascript 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/comment-reply.min.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
etag: W/"625095f6-ba5"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 8XKHbJRuiJma8ClamYxTMTAAoLUREX-pqPZqHbBUvj--QR-0RlZ1jA==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 121ms
42ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74475967bdd27d1efa3e20fd636afe5bb0c391494f9fa5768856bb25af4690d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3210
etag: W/"2ae26a107abd543e72c24128b019bed7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7dacc9e86b509a0b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:02:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
109 KB 234ms
109ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09bd5fff7a9b95a00b8044b29ccfb1e4d38e53f6da020a12b9e42d81288c3537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110892
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:02:20 GMT

GET
H2 200 bullet-prod.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 399ms
398ms Image
image/png 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/bullet-prod.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sc1.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-length: 1027
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-403"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: ijzVaY25mpoTVDGPsPFQ1KDxHof0S1zAjl6YPqCQQcsWoVnkVcBl0A==

GET
H2 200 search.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 398ms
397ms Image
image/png 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sc1.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-length: 1658
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-67a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: UqyUsK0d1KxE-2NTUyEfxgq3vII87pYcQmHhCaBU_mZPi0YkYWacMA==

GET
H2 200 intl.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
3 KB 177ms
176ms Image
image/png 18.164.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/intl.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-7.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sc1.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-length: 2126
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-84e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: ShZJv1EPx_iCYigd9mhgSDnikqeFu8fDCGuPGiO1LvIYoJtV0pGqCA==

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a22a9f782432f61776fa13ac0a9bc16dac6c3d6ee86c51c4126c5e9715cd5ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found 34CA47_6_0.woff2
sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 0
0 183ms
58ms Font
text/plain 104.103.104.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_6_0.woff2
Requested by: Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.104.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-104-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v1.css?v=1.0
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:02:20 GMT
Server: AkamaiNetStorage
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10

GET
DATA 200
OK truncated
/ 64 KB
64 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e79cbb65ec0ac13329b541b9b1c51ffa16fd594139c6fdbe20dfc1d78173eac

Request headers

Referer: https://www.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 author-image.png
blog.checkpoint.com/wp-content/uploads/2023/02/ 752 B
1 KB 171ms
169ms Image
image/png 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/02/author-image.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

01523462a4211ea90de73ad889719c964515e4be7fae2cc237e137f40ae5d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 22:29:41 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "63f69755-2f0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 752
x-amz-cf-id: NZBR8yyjnLu1SKQQl8RCZVqBV9MAHVB7fA6KgTDoD3j3TR3GHUboDw==

GET
H2 200 Picture1-1.png
blog.checkpoint.com/wp-content/uploads/2023/06/ 42 KB
42 KB 204ms
203ms Image
image/png 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/06/Picture1-1.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

b3fcff8b997f5fc8ad8db622a167ee1f37dd9c1da6ad87820d8e069527cc7dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 00:10:36 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "648f9cfc-a6ca"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42698
x-amz-cf-id: dKrkY5BUVqlT9oG7MIv_skmDgLdFFYU2c3bX47vlD8aC_w0Zk6PIwg==

GET
H2 200 Picture2-2.png
blog.checkpoint.com/wp-content/uploads/2023/06/ 18 KB
19 KB 200ms
199ms Image
image/png 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/06/Picture2-2.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

5f6cadf948b97b3fa4e91c95bfa5bf2d2f133b003601807a1ea3d6447d99abd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 00:10:40 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "648f9d00-49b8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18872
x-amz-cf-id: ITp27bItpStuvcqFteXywpfoTsfh66epOgkg6dfqvSNrTlKbdaI0Yg==

GET
H2 200 Picture3.jpg
blog.checkpoint.com/wp-content/uploads/2023/06/ 30 KB
31 KB 209ms
208ms Image
image/jpeg 18.164.52.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/06/Picture3.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-54.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

ed30c92a5b03ff92c9e90ac56e249fcfe55c196eca1098cdfa4985e84006b03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft/?p=244455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:20 GMT
strict-transport-security: max-age=63072000
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 00:10:42 GMT
server: nginx
x-amz-cf-pop: CDG50-P4
etag: "648f9d02-7946"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 31046
x-amz-cf-id: 1dGO0URYMMt8EsxkGhTDfsIVAYIgAttHIzJbK3XiAjN-69iCU0EwWA==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 50ms
49ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1921
etag: W/"153f1c4acb6a72d6e5def93aaa717bee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7dacc9eb4f2a9a0b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 14:02:21 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/ 12 KB
5 KB 99ms
39ms Script
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e6085a83d493692a699bea227a31e109363c06854e28e1da65a04ef3d70fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WwUkV5wh2t7Z7UjEoYbLXg==
age: 58931
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4498
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:22 GMT
server: cloudflare
etag: 0x8DAFF0E3C195A14
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1916a8f4-501e-0028-64e1-5aaf59000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ec7a7abbaf-FRA
expires: Thu, 22 Jun 2023 14:02:21 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 46ms
46ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0mEq0pw2uQHv5iDD8WI5Bw==
age: 66864
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6759
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:16 GMT
server: cloudflare
etag: 0x8DB6DD6F2F4383B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0de61d4-001e-00de-3bc2-9f884f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ecbad4bbaf-FRA

GET
H2 200 6be79097-5aaa-4b3b-8be4-f464d92cf186.json Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/ 5 KB
2 KB 113ms
46ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6be79097-5aaa-4b3b-8be4-f464d92cf186.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cde084bc5ee04ea9bc5d4f5cd4c5c98443beed4311deecc87cb7eefc1533bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: CqflGnWicKogdVwRp1k/JQ==
age: 38704
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1762
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:24 GMT
server: cloudflare
etag: 0x8DAFF0E3CE1BE4A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8dc92276-f01e-0108-4470-7f85c0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ed7a6135f0-FRA
expires: Thu, 22 Jun 2023 14:02:21 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
303 B 109ms
49ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://blog.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7dacc9ee2c0a2c1a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 40ms
39ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 84213
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdce70f4-f01e-00ad-093e-79f88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ee7d13bbaf-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/ 140 KB
25 KB 43ms
43ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605b729d5714cedbe1a4e4a2bf496da36ca9ce49a49e2b71d20a2befd9f251db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: c+MpxVJOA8ow2bb1kvQPPA==
age: 1073
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 24990
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:26 GMT
server: cloudflare
etag: 0x8DAFF0E3DF1A8E0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d23b47fe-e01e-011c-2071-7f46a4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ef0c6635f0-FRA
expires: Thu, 22 Jun 2023 14:02:21 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 42ms
42ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 61645
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e510389d-b01e-00e5-5670-7fca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ef7d0135f0-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 61 KB
12 KB 47ms
47ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ykryv/G09FP6w4m7cogHHg==
age: 19891
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12548
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB1486680298ED
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5d0aa57e-801e-0003-2d70-7fdbe1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ef7d0235f0-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 5 KB
2 KB 45ms
45ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wkJHHbnp3s43+NZzgCj5tg==
age: 61645
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148667BDAA3D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f21420df-e01e-013e-7870-7f2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9ef7d0435f0-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 47ms
47ms Fetch
text/css 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 1074
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e73727ec-801e-0125-5b70-7f0600000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7dacc9ef7d0535f0-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 37ms
37ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 30162
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 953286eb-101e-008e-3d0d-a09747000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7dacc9efdeb2bbaf-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
498 B 50ms
49ms Fetch
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 60553
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 778c0509-b01e-010f-2b15-a07345000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7dacc9effdef35f0-FRA

GET
H2 200 privacy-center.png
cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/ 1 KB
2 KB 40ms
39ms Image
image/png 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/privacy-center.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HnzIqzk5bF7upvrzwNVyQA==
age: 71048
content-length: 1478
x-ms-lease-status: unlocked
last-modified: Fri, 28 Oct 2022 21:43:30 GMT
server: cloudflare
etag: 0x8DAB92D747F1094
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5b0f29a5-001e-0152-11e1-5a8341000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7dacc9f02f07bbaf-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 39ms
38ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 21 Jun 2023 14:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 73555
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 81b0fa06-e01e-013e-7e7c-a02892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7dacc9f02f08bbaf-FRA

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.checkpoint.com/security/sign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft	1970-01-20 12:42:36	Name: p244455 Value: 1
.checkpoint.com/	1970-01-20 12:48:21	Name: aws-waf-token Value: 213fa37c-6403-4f98-adc7-ce5bd8664840:DAoAvppipiMAAAAA:aNdYAb/ha0LRJ2yJLyJkr46baJDuTbPC2jBS2q/+lNkCBioYAsyDCZKH1vyfxF8G+FFlsweJ2zQu4Z+3me9AXdSYFLdLoh5GM4NkCplMD5JKvggPpMyxigsXNtoVXFUEqN57/J3Jacb2SvzKcMxQALClxLhFPFrijL6OnL2LY1Bzd4QcQDyO42jQwdhwWBNpd4Hs+BR3LzYGUmFb7AAWHdSlBt5hU5Lv9/7K
.onesignal.com/	1970-01-20 12:42:37	Name: __cf_bm Value: nm2WeDL.dOhBO7K_FF.rrhTVzSIqMsuxpDrqbwnUryo-1687356140-0-AbAAEdIAJ0houTsYePDyWgZFv82LNI59cpZ7jXlsFjuC/eDIb2rd2vWi7cAiP9WYIt825gHm2wOaqGq3FXvFTFo=
.checkpoint.com/	1970-01-20 14:52:12	Name: _gcl_au Value: 1.1.1555383750.1687356141
.checkpoint.com/	1970-01-20 21:28:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jun+21+2023+14%3A02%3A22+GMT%2B0000+(GMT)&version=202301.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fblog.checkpoint.com%2Fsecurity%2Fsign-in-to-continue-and-suffer-attackers-abusing-legitimate-services-for-credential-theft%2F%3Fp%3D244455&groups=C0003%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_6_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a56a6a6f5963.859af6bf.eu-west-3.token.awswaf.com
blog.checkpoint.com
cdn.cookielaw.org
cdn.onesignal.com
code.jquery.com
fonts.googleapis.com
geolocation.onetrust.com
maxcdn.bootstrapcdn.com
sc1.checkpoint.com
www.checkpoint.com
www.googletagmanager.com
104.103.104.209
108.139.243.4
18.164.52.54
18.164.52.7
2001:4de0:ac18::1:a:3a
2606:4700::6812:1d26
2606:4700::6812:a972
2606:4700::6812:bcf
2606:4700::6812:d73b
2a00:1450:4001:802::2008
2a00:1450:4001:813::200a
01523462a4211ea90de73ad889719c964515e4be7fae2cc237e137f40ae5d0cf
020ff6e3208f27e7c096ce43b605ff22e4b1acb2a34dbae3ecd07da10d25ead4
09bd5fff7a9b95a00b8044b29ccfb1e4d38e53f6da020a12b9e42d81288c3537
0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa
1079c34b0965d16e4a47f9535523db3bce0ad3be5511f37e88d3ba4b14638ae8
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19cc00e7c06ab1a6fb3cb5991e7c81b7b25b3babad166141815663895a8d7801
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a
2036f63c988ea61768ec5387b03c0b9eb6a5901291a9b700806eb6d07d6a15bf
30e7388b5f275fd1c09ad27e41ed9ad5fa01a97a02d4cd119d66699e62c982db
311cafa87f029f1ea6f23b120ba085793df9817a59c0ecd8d4e9e3364c7fd831
32a869bf406c332cb426542c74fd2b1e37bd12515731b60777273d354c049d69
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
39587eb320ad541e207d4feebd137e663a562402524bf5dba0a563731a01e4e0
3e275292d958f60b0509448e22870378fc1e3d0c6528850eb2980efcc20f530f
49e6085a83d493692a699bea227a31e109363c06854e28e1da65a04ef3d70fe2
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4e79cbb65ec0ac13329b541b9b1c51ffa16fd594139c6fdbe20dfc1d78173eac
4f17c8a0e6cefa97ee8778b9c3bcdbde195b6e18ef434c8a377af2096a7320ff
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5840ec787b934fc80f101b6e22686e9e779d28a7024ebff3a75804b40fef6be5
5f6cadf948b97b3fa4e91c95bfa5bf2d2f133b003601807a1ea3d6447d99abd0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
605b729d5714cedbe1a4e4a2bf496da36ca9ce49a49e2b71d20a2befd9f251db
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156
70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5
7173289d3ce39119fa628f8484128c8041d3270634a9f07afdd4f32a7d46079e
74475967bdd27d1efa3e20fd636afe5bb0c391494f9fa5768856bb25af4690d0
76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c
7b0efce477888066982b251fa52c0e442e90a0f7506cc5f9e838eeb6c1cfeb2c
7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96
872a5945dde72a609a3139fbd4090d0b187a80c1cf3eec95b1f8ed0ce6126f23
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9cde084bc5ee04ea9bc5d4f5cd4c5c98443beed4311deecc87cb7eefc1533bcd
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a22a9f782432f61776fa13ac0a9bc16dac6c3d6ee86c51c4126c5e9715cd5ec8
a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b3fcff8b997f5fc8ad8db622a167ee1f37dd9c1da6ad87820d8e069527cc7dee
b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc
ba36ba3a5a611a0a0284b826442804783bf8524e7ca724f6c440d8a5dc6b8702
bfa4803a49cf717fcd562cb697bf5f8aefe4979c6f3596893d07517c8db8c479
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
da940e0ede527f5a28f3a0fab37b661b7c48025ed57f39d4450d5848c66c2690
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d885cb2748a4fc83a4e415466a529453aaaa0f537cb31fe2e6f108472fc5c7
ed30c92a5b03ff92c9e90ac56e249fcfe55c196eca1098cdfa4985e84006b03c
f1be068e1e417b77745a1587d48b8ecdc27627d2a61983acb1b3df24eb383544
fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2
fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4
fe0c457b5d8725177221466331346165bbcb772507b4fcedb96be840df18dd9a
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

blog.checkpoint.com Open in urlscan Pro 18.164.52.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

1489 kBTransfer

5460 kBSize

5 Cookies

153 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.checkpoint.com Open in urlscan Pro
18.164.52.54 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

1489 kB
Transfer

5460 kB
Size

5
Cookies

65 HTTP transactions
3 data transactions