blog.checkpoint.com Open in urlscan Pro
18.173.205.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Submission: On May 02 via api (May 2nd 2024, 2:12:17 am UTC) from TR — Scanned from DE

Summary HTTP 73 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 73 HTTP transactions. The main IP is 18.173.205.29, located in United States and belongs to AMAZON-02, US. The main domain is blog.checkpoint.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 25th 2023. Valid for: a year.

This is the only time blog.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	18.173.205.29 18.173.205.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
15	18.66.147.106 18.66.147.106	16509 (AMAZON-02) (AMAZON-02)
4	104.73.232.210 104.73.232.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
73	13

28 18.173.205.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-29.fra56.r.cloudfront.net

blog.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.147.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-106.fra60.r.cloudfront.net

www.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.73.232.210 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-73-232-210.deploy.static.akamaitechnologies.com

sc1.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	checkpoint.com blog.checkpoint.com www.checkpoint.com — Cisco Umbrella Rank: 165701 sc1.checkpoint.com — Cisco Umbrella Rank: 31725	1 MB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 306	159 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	230 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4672	71 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 767	144 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 535	306 B
1	google.de www.google.de — Cisco Umbrella Rank: 7278	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	256 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941	256 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	886 B
73	10

	Domain	Requested by
28	blog.checkpoint.com	blog.checkpoint.com
15	www.checkpoint.com	blog.checkpoint.com sc1.checkpoint.com
13	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
4	sc1.checkpoint.com	blog.checkpoint.com sc1.checkpoint.com
2	www.googletagmanager.com	blog.checkpoint.com www.googletagmanager.com
2	cdn.onesignal.com	blog.checkpoint.com cdn.onesignal.com
2	code.jquery.com	blog.checkpoint.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.de	blog.checkpoint.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	blog.checkpoint.com
73	12

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
supportcenter.checkpoint.com
usercenter.checkpoint.com
www.checkpoint.com.cn
igs.checkpoint.com
training-certifications.checkpoint.com
cyberpark.checkpoint.com
partnerlocator.checkpoint.com
careers.checkpoint.com
engage.checkpoint.com
research.checkpoint.com
www.cybertalk.org
community.checkpoint.com
www.facebook.com

Subject Issuer	Validity	Valid
*.checkpoint.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-25` - `2024-11-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
onesignal.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Frame ID: 1114374DFF5CA8A9FA8E35B6EF17A433
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spoofing Shein for Credential Harvesting - Check Point Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

73
Requests

97 %
HTTPS

58 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

1919 kB
Transfer

5683 kB
Size

6
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/demos/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/index.jsp
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/
Title: English (English)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/es/
Title: Spanish (Español)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/fr/
Title: French (Français)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/de/
Title: German (Deutsch)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/it/
Title: Italian (Italiano)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pt/
Title: Portuguese (Português)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/jp/
Title: Japanese (日本語)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com.cn/
Title: Chinese (中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/kr/
Title: Korean (한국어)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/tw/
Title: Taiwan (繁體中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/hybrid-data-center-security/
Title: Hybrid Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/zero-trust-security/
Title: Zero Trust & Least Privilege

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/devsecops/
Title: Developer Security & Operations

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/iot-security/
Title: IoT Security Solutions

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/ransomware-protection/anti-ransomware/
Title: Anti-Ransomware

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/sd-wan-security/
Title: SD-WAN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/customer-stories/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/retail/
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/financial-services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/government-federal-security/
Title: Federal Government

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/government-state-local-security/
Title: State & Local Government

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/service-provider/
Title: Telco Service Provider

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/enterprise-network-security/
Title: Enterprise

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/consumer-small-business/
Title: Small & Medium Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/
Title: Explore Infinity

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/core-services/
Title: Infinity Core Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/portal/
Title: Infinity PortalAccess Infinity Portal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/platform-agreement/
Title: Infinity Platform AgreementPredictable cyber-security environments through a platform agreement

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/ai/threatcloud/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/
Title: Explore Quantum

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/
Title: Next Generation Firewall (NGFW) Security GatewayIndustry-leading AI powered security gateways for modern enterprises

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/sd-wan/
Title: SD-WANSoftware Defined Wide Area networks converging security with networking

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-management
Title: Security Policy and Threat ManagementManage firewall and security policy on a unified platform for on-premises and cloud networks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/iot-protect/
Title: Operational Technology and Internet of Things (IoT) Autonomous IoT/OT threat prevention with zero-trust profiling, virtual patching and segmentation

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/remote-access-vpn/
Title: Remote Access VPN Secure, seamless remote access to corporate networks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/
Title: Explore CloudGuard

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/
Title: Cloud Network Security Industry-leading threat prevention through cloud-native firewalls

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cnapp/
Title: Cloud Native Application Protection PlatformCloud native prevention first security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/developer-security/
Title: Code SecurityDeveloper centric code security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/appsec/
Title: Web Application and API SecurityAutomated application and API security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/
Title: Explore Harmony

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/email-security/email-office/
Title: Email and Collaboration SecurityEmail security including office & collaboration apps

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/advanced-endpoint-protection/
Title: Endpoint SecurityComprehensive endpoint protection to prevent attacks & data compromise

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/mobile-security/mobile/
Title: Mobile SecurityComplete protection for the mobile workforce across all mobile devices

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/sase/
Title: SASEUnifying security with optimized internet and network connectivity

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/mdr-mpr/
Title: Managed Prevention & Response ServiceSOC operations as a service with Infinty MDR/MPR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/xdr-xpr/
Title: Extended Prevention & ResponseAI-Powered, Cloud-Delivered Security Operations with Infinity XDR/XPR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/playblocks/
Title: Secure Automation and CollaborationAutomate response playbooks with Infinity Playblocks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/events/
Title: Unified Security Events and Logs as a ServiceInfinity Events cloud-based analysis, monitoring and reporting

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/ai/copilot/
Title: AI Powered TeammateAutomated Security Admin & Incident Response with AI Copilot

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/security-consulting/
Title: Cyber Security Risk AssessmentAssess cyber security maturity and plan actionable goals

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/penetration-testing/
Title: Penetration TestingEvaluate security defenses against potential cyber attacks and threats

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/security-controls-gap-analysis-nist-cis/
Title: Security Controls Gap Analysis (NIST CIST)Analyze technology gaps and plan solutions for improved security and ROI

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/threat-intelligence-research/
Title: Threat IntelligenceAnalyzed data on cyber threats, aiding proactive security measures

Search URL Search Domain Scan URL

URL: https://igs.checkpoint.com/
Title: See All Infinity Global Services >

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/
Title: Security Deployment & OptimizationStrategic deployment and refinement of security for optimal protection

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/account-management/
Title: Advanced Technical Account ManagementProactive service delivered by highly skilled Cyber Security professionals

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/lifecycle-management/
Title: Lifecycle Management ServicesEffectively maintain the lifecycle of security products and services

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/#/
Title: Certifications & AccreditationsComprehensive cyber security training and certification programs

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/ciso-academy/
Title: CISO TrainingGlobally recognized training for Chief Information Security Officers

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/smartawareness/
Title: Security AwarenessEmpower employees with cyber security skills for work and home

Search URL Search Domain Scan URL

URL: https://cyberpark.checkpoint.com/
Title: Cyber RangeSimulated gamification environment for security training

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/
Title: MindCheck Point Cyber Security and Awareness Programs training hub

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/
Title: Incident ResponseManage and mitigate security incidents with systematic response services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/horizon/mdr-mpr/
Title: Managed Detection and ResponsePrioritize prevention, delivering comprehensive SOC operations as a service

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/digital-forensics/
Title: Digital ForensicsComprehensive investigation and analysis of cyber incidents and attacks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/managed-xdr-with-siemsoar/
Title: MXDR with Managed SIEM

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/managed-firewall/
Title: Managed Firewalls

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/managed-edr/
Title: EDR with Agent Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/managed-cnapp/
Title: Managed CNAPP

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/managed-cspm/
Title: Managed CSPM

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/services/infinity-global/
Title: See All Infinity Global Services >

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-plans/
Title: Support ProgramsPrograms designed to help maximize security technology utilization

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/pro/
Title: Check Point PROProactive monitoring of infrastructure program offerings

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/devsecops/
Title: Developer Security & Operations

Search URL Search Domain Scan URL

URL: https://partnerlocator.checkpoint.com/#/
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/channel/
Title: Channel Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/technology-partners/
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/mssp-program/
Title: MSSP Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/amazon-aws-security/
Title: AWS Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/microsoft-azure-security/
Title: Azure Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/company-overview/
Title: Company

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/leadership/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://careers.checkpoint.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/investor-relations/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/press-releases/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://engage.checkpoint.com/resources
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/events/
Title: Events & Webinars

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/
Title: Cyber Hub

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/
Title: Check Point Research

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/
Title: Cyber Talk for Executives

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/
Title: CheckMates Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fblog.checkpoint.com%2Fharmony-email%2Fspoofing-shein-for-credential-harvesting%2F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/ 160 KB
28 KB 77ms
23ms Document
text/html 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx / WP Engine

Resource Hash

a6a2c2953bb083ec26f365680906d03af4b20feb33c1f9d8bb4f872e28ff2ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 449
cache-control: max-age=600, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 02:04:44 GMT
link: <https://blog.checkpoint.com/?p=246036>; rel=shortlink
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding,Cookie
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-id: dHy207lQURF_UOl0ma39CSlrc7WSlt8iswG6leY8FrOlWhvte4brNQ==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine

GET
H2 200 style.min.css
blog.checkpoint.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 11ms
9ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 17:07:38 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"662bdf5a-1bae5"
age: 464663
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: z0hNAdTejb85k8fi8pJjrkRMCQDWy47pPeCEY75pQ0ufiw6Vz7cJFw==

GET
H2 200 boostrap.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 118 KB
20 KB 13ms
11ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/boostrap.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-1d946"
age: 464664
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: BXMOwUpNmGnb4SXdSe9dtcxdZ1B2VCbx9YqAC5YAV5VNQxkjsPI3hw==

GET
H2 200 owl-carousel.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 3 KB
1 KB 12ms
10ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/owl-carousel.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f1be068e1e417b77745a1587d48b8ecdc27627d2a61983acb1b3df24eb383544

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-bd1"
age: 464664
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 9IlCwybvfGWyB_3MAn2eH7VjPLlO1M2ntzvnU5Mi5nX0KWOXT32Q4g==

GET
H2 200 perfect-scrollbar.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 5 KB
1 KB 15ms
13ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/perfect-scrollbar.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5840ec787b934fc80f101b6e22686e9e779d28a7024ebff3a75804b40fef6be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-1251"
age: 464664
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: xUgR_xoxRmYmLTA-OCctv1W_9G95b74KaZFhThdduZKrdAkMqgy0-w==

GET
H2 200 magnific-popup.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 5 KB
2 KB 14ms
13ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/magnific-popup.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

39587eb320ad541e207d4feebd137e663a562402524bf5dba0a563731a01e4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-15d6"
age: 464664
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: gv5X-inabLcGvk5FRGc8XlLPF4dRrx0OM4JUHMA3Q5tTsPWlYLfu5A==

GET
H2 200 fotorama.css
blog.checkpoint.com/wp-content/themes/atoms/css/vendors/ 15 KB
3 KB 13ms
12ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/vendors/fotorama.css?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3e275292d958f60b0509448e22870378fc1e3d0c6528850eb2980efcc20f530f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-3b28"
age: 464664
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: l4X6poVaeiA4BcTPzMj0cgRzRy_wM0mzRNgVIZVbTOvej_-UKVjBIA==

GET
H2 200 style.css
blog.checkpoint.com/wp-content/themes/atoms/css/ 997 KB
121 KB 16ms
14ms Stylesheet
text/css 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/css/style.css?ver=6.0.5

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

da940e0ede527f5a28f3a0fab37b661b7c48025ed57f39d4450d5848c66c2690

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 01 Oct 2023 16:35:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 16 May 2023 22:43:11 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"646406ff-f9353"
age: 18437784
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: oNjCc46PbggszajNQQQtu4NQO9ntonk33UZANB_v8qQuxd9TFMoemg==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
886 B 46ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap&ver=1680554497

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 02:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 01:27:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 02:12:13 GMT

GET
H2 200 jquery-3.7.1.min.js Show response
blog.checkpoint.com/wp-content/plugins/jquery-updater/js/ 85 KB
30 KB 23ms
21ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/plugins/jquery-updater/js/jquery-3.7.1.min.js?ver=3.7.1

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 23:47:55 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 14:48:04 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"64f1f9a4-155ed"
age: 18671058
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 2-8MCWmKjRep04o1B5m6UQ9CL2db9k6-sWho_w1uwGMLrkJvvG4Qqw==

GET
H2 200 jquery-migrate-3.4.1.min.js Show response
blog.checkpoint.com/wp-content/plugins/jquery-updater/js/ 13 KB
5 KB 22ms
20ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.1.min.js?ver=3.4.1

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 11 Sep 2023 08:52:24 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 14:48:04 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"64f1f9a4-3509"
age: 20193589
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: AwsV8f6mFgNqyenlfI7hoLyAGDy5i3kyFFsRfB8gQ8ooZzKIYM2_ow==

GET
H2 200 page-font-awesome-Base64.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 105 KB
70 KB 58ms
9ms Stylesheet
text/css 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/page-font-awesome-Base64.css

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

19cc00e7c06ab1a6fb3cb5991e7c81b7b25b3babad166141815663895a8d7801

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 12 Dec 2023 22:07:17 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
age: 12197096
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: W/"63055d6c-1a52d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: NS3v20shvZGeFM75HaWlbo8qCLxBSccEndcrHAvZ1nXtV3m8ZZ6u8Q==

GET
H2 200 page-font-DIN-Base64.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 61 KB
46 KB 65ms
17ms Stylesheet
text/css 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/page-font-DIN-Base64.css

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

30e7388b5f275fd1c09ad27e41ed9ad5fa01a97a02d4cd119d66699e62c982db

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Sep 2023 22:54:36 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
age: 18587857
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: W/"63055d6c-f247"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: 3XItZSX-7jOCceOKW4Aqr66nsNrNVxhHEtu1ElMsM-6_ZO-SAnq4FA==

GET
H/1.1 200
OK page-cp-unified-v4.css
sc1.checkpoint.com/sc1/css/ 559 KB
71 KB 232ms
177ms Stylesheet
text/css 104.73.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.73.232.210 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-232-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 478eed032fff677ebb70dcbfb13164d337082b63d3d0856c98af1d9f43c05890

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 02:12:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Apr 2024 20:06:02 GMT
Server: AkamaiNetStorage
ETag: "b3803d3c4bd78cc828d6ecace416e805:1713386026.79899"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=604800
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 jquery-3.4.0.js Show response
code.jquery.com/ 273 KB
81 KB 40ms
15ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3008533
x-cache: HIT, HIT
content-length: 82681
x-served-by: cache-lga13624-LGA, cache-fra-eddf8230029-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1714615933.179793,VS0,VE0
etag: W/"28feccc0-44534"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9647, 1116

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ 235 KB
63 KB 32ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 19813731
x-cache: HIT, HIT
content-length: 64296
x-served-by: cache-lga21924-LGA, cache-fra-eddf8230029-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1714615933.179767,VS0,VE0
etag: W/"28feccc0-3ab2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 76971

GET
H2 200 bootstrap.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 39 KB
11 KB 69ms
21ms Script
application/javascript 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/bootstrap.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 06 Feb 2024 07:53:36 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
age: 7409917
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: W/"63055d6c-9b00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: 2lohCBsjb9AZI1jw86VfrUK8NusBQcwAzIaNI14RpPwlFNDujATymA==

GET
H2 200 search-btn.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 70ms
22ms Image
image/png 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 23:15:31 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 13143402
x-cache: Hit from cloudfront
content-length: 1833
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-729"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: y3e8EKc_2kkytV5otcGPZvg94xIxvCa_-1Oe3BXwumbnRm3wMWNwcA==

GET
H2 200 solutions-cta-1.jpg
www.checkpoint.com/wp-content/uploads/ 125 KB
126 KB 71ms
23ms Image
image/jpeg 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/solutions-cta-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

a55e8e2af8426876b233070983c376cc2a6ceadddf9952d7dd04d0b3bc31a11a

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 05 Feb 2024 05:51:51 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7503622
x-cache: Hit from cloudfront
content-length: 128190
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 05 Feb 2024 05:26:14 GMT
server: nginx
etag: "65c07176-1f4be"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: 8JI0T3POFZKYhUxd-_WumkgXnad9R8nWr9Urkm017_s0i-2s1xjPcA==

GET
H2 200 platform-cta-1.jpg
www.checkpoint.com/wp-content/uploads/ 109 KB
109 KB 9ms
9ms Image
image/jpeg 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/platform-cta-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

066825011529d6dfbb03da7b2502c724cb3c28fde9bd6112b8643c2da51d7051

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 05 Feb 2024 05:51:52 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7503621
x-cache: Hit from cloudfront
content-length: 111214
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 05 Feb 2024 05:26:12 GMT
server: nginx
etag: "65c07174-1b26e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: XbpcMczWm4vf9N8BhNHrVGxanZc2lXyD_2FYW5pHbLHQKWjC_-JufQ==

GET
H2 200 support-cta-1.jpg
www.checkpoint.com/wp-content/uploads/ 85 KB
86 KB 9ms
9ms Image
image/jpeg 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/support-cta-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

31911c18375230d065fa608e5828f110f8b96dee4303e6862614c9dbe099cd4a

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 05 Feb 2024 05:51:52 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7503621
x-cache: Hit from cloudfront
content-length: 87501
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 05 Feb 2024 05:26:15 GMT
server: nginx
etag: "65c07177-155cd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: zvgLMRmGEmiZoZhBsB5jiG_hadKpR8mJbIaB4unsiolbtqoKOlhMag==

GET
H2 200 partners-cta-2.jpg
www.checkpoint.com/wp-content/uploads/ 89 KB
90 KB 9ms
8ms Image
image/jpeg 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/partners-cta-2.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

2b0e41c4f65beb2920e01288fb77bed2b52d26f1c5379b7b0c316e931f7df0a7

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 05 Feb 2024 05:51:52 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7503621
x-cache: Hit from cloudfront
content-length: 91106
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 05 Feb 2024 05:49:10 GMT
server: nginx
etag: "65c076d6-163e2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: PSvMaC-qrgfXDBKaDge2gBncpbjurFkH_epSdsZABJ421hHs1fbUow==

GET
H2 200 more-cta-1.jpg
www.checkpoint.com/wp-content/uploads/ 146 KB
147 KB 9ms
9ms Image
image/jpeg 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/more-cta-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

491b61bb5c2c48c515eaa3ba0b1cec0c21a3430c6a749597228317ec92b8d659

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 05 Feb 2024 05:51:52 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7503621
x-cache: Hit from cloudfront
content-length: 149895
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 05 Feb 2024 05:49:08 GMT
server: nginx
etag: "65c076d4-24987"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: svHrwtzvhYIqryLyNPg2H-8J65OadgAxID8aMnej4V0qpx0PiOXkZw==

GET
H2 200 checkpoint-logo.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 4 KB
5 KB 8ms
8ms Image
image/png 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/checkpoint-logo.png?v=1.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

07dee37bce81e437075e8030a84acacc8841075d5b10a30f2e8a98f6cabd6c79

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Jan 2024 06:05:25 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 9662808
x-cache: Hit from cloudfront
content-length: 4294
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 30 Oct 2023 17:24:29 GMT
server: nginx
etag: "653fe6cd-10c6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: ZCdOXs1gqtTDTL4aAn-2LZE0utwwssa6HehOjhzEwL7z-yZ81fQ3Fg==

GET
H2 200 pexels-cottonbro-5076516-1-800x400.jpg
blog.checkpoint.com/wp-content/uploads/2024/05/ 61 KB
61 KB 23ms
23ms Image
image/jpeg 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2024/05/pexels-cottonbro-5076516-1-800x400.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9097f7e9f7a00597d74f0d545ac22b3eb929414aa1961ad23632d62deebce87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:29:38 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 38555
x-cache: Hit from cloudfront
content-length: 62078
last-modified: Wed, 01 May 2024 15:16:23 GMT
server: nginx
etag: "66325cc7-f27e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QOtIDlAibShB_JdLEZAJHMBk9EVJuv-CxRF4SBYwoCXMXn6SowVSwQ==

GET
H2 200 shein.png
blog.checkpoint.com/wp-content/uploads/2024/05/ 24 KB
24 KB 9ms
9ms Image
image/png 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2024/05/shein.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

92d0e265f76d224e7be48804ff9edc0048a00492b9820d6db605a32fcc909c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:26:10 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 38763
x-cache: Hit from cloudfront
content-length: 24633
last-modified: Wed, 01 May 2024 15:13:13 GMT
server: nginx
etag: "66325c09-6039"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Z5gpRSzggyMvnyjRoS6kaNycpBQ8qIQ8MNFCiJWCN1DdpOxSP8Ag8g==

GET
H2 200 phishing-blog-2000x700-1-400x300.jpg
blog.checkpoint.com/wp-content/uploads/2023/07/ 24 KB
25 KB 9ms
9ms Image
image/jpeg 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/07/phishing-blog-2000x700-1-400x300.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7e50886bf0122bcd747ba2c72c48ba20fee3d28e170127de21aa87eacbe1b326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 13:01:19 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 1429853
x-cache: Hit from cloudfront
content-length: 24666
last-modified: Mon, 17 Jul 2023 05:01:32 GMT
server: nginx
etag: "64b4cb2c-605a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9sYx0uzdHYpARoZz76LCmcf8UW-K7nJASzTELVOEDAN77nuICAW2wA==

GET
H2 200 icon-phone.png
blog.checkpoint.com/wp-content/themes/atoms/images/ 1 KB
2 KB 8ms
8ms Image
image/png 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/images/icon-phone.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

945c48407720ae91103b34e610ba4c784e24aa13229ebd27ef90297c201da869

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 11 Mar 2024 11:55:22 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 4457811
x-cache: Hit from cloudfront
content-length: 1301
last-modified: Mon, 11 Mar 2024 11:53:31 GMT
server: nginx
etag: "65eef0bb-515"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nGboOfDEfJjsWblDiNi2v1cifJ1y3fwELMHn1tTzw3hfd58DbhXm9A==

GET
H/1.1 200
OK nav_unified.js Show response
sc1.checkpoint.com/sc1/unified/js/ 8 KB
2 KB 70ms
53ms Script
application/x-javascript 104.73.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/sc1/unified/js/nav_unified.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.73.232.210 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-232-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2036f63c988ea61768ec5387b03c0b9eb6a5901291a9b700806eb6d07d6a15bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 02:12:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 17:03:47 GMT
Server: AkamaiNetStorage
ETag: "714caa79dd5a7bac9d0c006768312dc0:1666287285.408875"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1707

GET
H2 200 footer.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 3 KB
2 KB 8ms
8ms Script
application/javascript 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/footer.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

ba36ba3a5a611a0a0284b826442804783bf8524e7ca724f6c440d8a5dc6b8702

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Sep 2023 22:54:36 GMT
content-security-policy: 1
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
age: 18587857
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 30 Jan 2023 16:17:32 GMT
server: nginx
etag: W/"63d7ed9c-a7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: PxhsUdf1IXSDn5FDek99-2BmVRp21ntcg9SgEF9Q7U14k-dSgVGGTg==

GET
H2 200 imagesloaded.min.js Show response
blog.checkpoint.com/wp-includes/js/ 5 KB
2 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Jan 2024 03:35:49 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 18:18:26 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"64d67b72-1590"
age: 9066984
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: p9NemYCeBLWVM_q7cGuuNfkx7VSrHRNjDRlXthUWjOV9hsMF6ujbvw==

GET
H2 200 masonry.min.js Show response
blog.checkpoint.com/wp-includes/js/ 24 KB
8 KB 9ms
9ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 08:54:00 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"5ee520a7-5e4a"
age: 11553493
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: DCo3USzszuEIvZV0kytoInW7EeXEfXfs130mGMq4x-h0rmigzIG1-A==

GET
H2 200 jquery.masonry.min.js Show response
blog.checkpoint.com/wp-includes/js/jquery/ 2 KB
1 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 12 Dec 2023 22:07:16 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"57b604a2-71b"
age: 12197097
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Qq6EiIGE2NhRa8ShjiSbKkXTbQDkbhmQO7oxP6OmRAqZDI1fSxwEDw==

GET
H2 200 throttle-debounce.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 497 B
771 B 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/throttle-debounce.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e2d885cb2748a4fc83a4e415466a529453aaaa0f537cb31fe2e6f108472fc5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:11:59 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-1f1"
age: 464414
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: vVV2RRW3JhAURiNjVAlNKf3toztLWqxq-UyIkEAzZDeWApEC_fheVQ==

GET
H2 200 bootstrap.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 36 KB
10 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/bootstrap.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:11:58 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-90bb"
age: 464415
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: eUdDoKf5NheD7Bx_s-Nga0gDu2jvYlooys8ZFWJOu_LlxYpZ0Tid4Q==

GET
H2 200 fotorama.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 38 KB
16 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/fotorama.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7b0efce477888066982b251fa52c0e442e90a0f7506cc5f9e838eeb6c1cfeb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:50 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-99ae"
age: 464663
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: ex3q_HuhX92Nhe6KECyoI927sRDlnOuYVjPOfuJFMxEiHefxfvXPxQ==

GET
H2 200 owl-carousel.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 43 KB
12 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/owl-carousel.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:12:00 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-ad3c"
age: 464413
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: OU-zCPDbFWEpQ9GlitfdI5Vy6rUHNHP_xMnKE85ElrTAfSPx8KPlHw==

GET
H2 200 theiaStickySidebar.min.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 5 KB
2 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/theiaStickySidebar.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

020ff6e3208f27e7c096ce43b605ff22e4b1acb2a34dbae3ecd07da10d25ead4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:50 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-13ff"
age: 464662
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Q5C_WIf8mllI_jx0zbXhrZwzLKrXfmnlCjpLv1_EYvOvtjcWzMAxxw==

GET
H2 200 fitvids.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/vendors/ 3 KB
2 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/vendors/fitvids.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:50 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 23:54:28 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63460234-cf9"
age: 464662
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 698Tr7vkP770yRk1tEwuT7fOHwWP3HMMw1UwHSVskcTe9uuXpUnNJw==

GET
H2 200 scripts.js Show response
blog.checkpoint.com/wp-content/themes/atoms/js/ 170 KB
26 KB 9ms
9ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/atoms/js/scripts.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f17c8a0e6cefa97ee8778b9c3bcdbde195b6e18ef434c8a377af2096a7320ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:50 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Thu, 23 Feb 2023 23:23:16 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"63f7f564-2a907"
age: 464662
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Pz70U3QsTwOi0Q0RMWtgEpup8MiKqRPROoAPvvFaRLEsYZETO83eVA==

GET
H2 200 comment-reply.min.js Show response
blog.checkpoint.com/wp-includes/js/ 3 KB
2 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/comment-reply.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:50 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"625095f6-ba5"
age: 464662
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: vj68UOBR5udnySciyNjwB5ckhtS3ikG9VnMaL-7DG_nOpnrgAGjhIg==

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 29ms
18ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3049
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87d47c2fdfb6926e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 02:12:13 GMT

GET
BLOB 200
OK 2009cf87-ad84-4601-ae6f-848e043528c5
https://blog.checkpoint.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blog.checkpoint.com/2009cf87-ad84-4601-ae6f-848e043528c5
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 470 KB
129 KB 70ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ea8db5ab190cee77e46b8fd33df37de250017ac14c05eeec590676dab98968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131641
x-xss-protection: 0
last-modified: Thu, 02 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 02:12:13 GMT

GET
H2 200 bullet-prod.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 10ms
9ms Image
image/png 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/bullet-prod.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sc1.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 Nov 2023 06:01:29 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 15192644
x-cache: Hit from cloudfront
content-length: 1027
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-403"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: wfmwX7fT_DqWkg45_Mi5LZjTRREvfgpi3XNuv1va4vT6_BSatgY1fg==

GET
H2 200 search.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 8ms
8ms Image
image/png 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sc1.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 Nov 2023 21:18:43 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 15224010
x-cache: Hit from cloudfront
content-length: 1658
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-67a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: 8NJBN28WB2_-fuQhkGX3Gho3FEYAxvvtvkx1FATXxo-izY_4kcOBEA==

GET
H2 200 intl.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
3 KB 9ms
9ms Image
image/png 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/intl.png

Requested by

Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-106.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c

Security Headers

Name	Value
Content-Security-Policy	1
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sc1.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 23:15:31 GMT
content-security-policy: 1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 13143402
x-cache: Hit from cloudfront
content-length: 2126
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 23 Aug 2022 23:06:20 GMT
server: nginx
etag: "63055d6c-84e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: iCjr0mQj5h0U-wFHnuq74J4lRx4zQs48q_R2bxIxz30945SrwVUrMA==

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a22a9f782432f61776fa13ac0a9bc16dac6c3d6ee86c51c4126c5e9715cd5ec8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found 34CA47_6_0.woff2
sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 0
0 694ms
668ms Font
text/plain 104.73.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_6_0.woff2
Requested by: Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.73.232.210 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-232-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 02:12:14 GMT
Server: AkamaiNetStorage
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10

GET
DATA 200
OK truncated
/ 64 KB
64 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.checkpoint.com/
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H/1.1 404
Not Found 34CA47_4_0.woff2
sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 0
0 583ms
558ms Font
text/plain 104.73.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_4_0.woff2
Requested by: Host: sc1.checkpoint.com
URL: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.73.232.210 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-232-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sc1.checkpoint.com/sc1/css/page-cp-unified-v4.css?v=1.2
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 02:12:14 GMT
Server: AkamaiNetStorage
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4

Request headers

Referer: https://www.checkpoint.com/
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29330ee71dee82f451d2dbd44cfc6170767326ae3b78a9755002edf6bac62401

Request headers

Referer: https://www.checkpoint.com/
Origin: https://blog.checkpoint.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 author-image.png
blog.checkpoint.com/wp-content/uploads/2023/02/ 752 B
1 KB 8ms
8ms Image
image/png 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/02/author-image.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

01523462a4211ea90de73ad889719c964515e4be7fae2cc237e137f40ae5d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Jan 2024 22:59:49 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 9774744
x-cache: Hit from cloudfront
content-length: 752
last-modified: Wed, 22 Feb 2023 22:29:41 GMT
server: nginx
etag: "63f69755-2f0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: il4IPhmzNgyNFThK-PRHpv-SkkD4oS2HClG6uJJWmD6ZyHV2byUTcw==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 22ms
22ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3049
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87d47c304feb926e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 02:12:13 GMT

GET
H2 200 wp-emoji-release.min.js Show response
blog.checkpoint.com/wp-includes/js/ 18 KB
5 KB 8ms
8ms Script
application/javascript 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 17:07:51 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 17:07:39 GMT
server: nginx
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
etag: W/"662bdf5b-4926"
age: 464662
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: prA2Ph6M2ZBLrQpftUYpYVKST0hu8AIAajqxdyaevyKjWsjE9fiKbw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23aa7bace236a738444cdf8734355241d94feafa662061ecb868014659b60766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 02:12:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 40ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je44t0v881001595z86871859za200&_p=1714615933199&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1259949068.1714615934&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fblog.checkpoint.com%2Fharmony-email%2Fspoofing-shein-for-credential-harvesting%2F&dp=%2Fharmony-email%2Fspoofing-shein-for-credential-harvesting%2F&sid=1714615933&sct=1&seg=0&dt=Spoofing%20Shein%20for%20Credential%20Harvesting%20-%20Check%20Point%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&ep.host_property=blog.checkpoint.com&ep.page_level1=harmony-email&ep.page_level2=spoofing-shein-for-credential-harvesting&tfd=541
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 02:12:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 62ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-48VXKGDGCV&cid=1259949068.1714615934&gtm=45je44t0v881001595z86871859za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 02:12:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
17ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-48VXKGDGCV&cid=1259949068.1714615934&gtm=45je44t0v881001595z86871859za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1130006809

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 02:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/ 12 KB
5 KB 47ms
24ms Script
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e6085a83d493692a699bea227a31e109363c06854e28e1da65a04ef3d70fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25210
content-md5: WwUkV5wh2t7Z7UjEoYbLXg==
content-length: 4498
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:22 GMT
server: cloudflare
etag: 0x8DAFF0E3C195A14
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 710b50aa-c01e-001f-0bb5-0c8a87000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c34be5b9741-FRA
expires: Fri, 03 May 2024 02:12:14 GMT

GET
H2 202 favicon.ico
www.checkpoint.com/images/icons/ 0
283 B 8ms
8ms Other
text/html 18.66.147.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.checkpoint.com/images/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-106.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:14 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: CloudFront
x-amzn-waf-action: challenge
x-amz-cf-pop: FRA60-P4
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-store, max-age=0
content-length: 0
x-amz-cf-id: UQIoGlIKcjbp_BEDtuppx8jCaGq4HQy3f5YCILYSkSm332m0LymF-g==

GET favicon.png
www.checkpoint.com/images/icons/ 0
0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 16ms
16ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
age: 19970
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 30 Apr 2024 06:34:30 GMT
server: cloudflare
etag: 0x8DC68DF97421402
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ee6f9417-a01e-0036-1a18-9bb4f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c34ee689741-FRA

GET
H2 200 6be79097-5aaa-4b3b-8be4-f464d92cf186.json Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/ 5 KB
2 KB 49ms
29ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6be79097-5aaa-4b3b-8be4-f464d92cf186.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cde084bc5ee04ea9bc5d4f5cd4c5c98443beed4311deecc87cb7eefc1533bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6636
content-md5: CqflGnWicKogdVwRp1k/JQ==
content-length: 1762
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:24 GMT
server: cloudflare
etag: 0x8DAFF0E3CE1BE4A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 047ffbe4-401e-0063-5d68-79a478000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c3528cb5d5d-FRA
expires: Fri, 03 May 2024 02:12:14 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 38ms
22ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87d47c357ea71e5e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 18ms
17ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 38307
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5e262276-701e-0068-1464-235f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c359ed19741-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/ 140 KB
25 KB 27ms
26ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6be79097-5aaa-4b3b-8be4-f464d92cf186/6c0f7219-922c-429c-8b72-e13962a62e3c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605b729d5714cedbe1a4e4a2bf496da36ca9ce49a49e2b71d20a2befd9f251db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 38032
content-md5: c+MpxVJOA8ow2bb1kvQPPA==
content-length: 24990
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 19:56:26 GMT
server: cloudflare
etag: 0x8DAFF0E3DF1A8E0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8cb5d17b-f01e-0051-55d6-9b5f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c35c9065d5d-FRA
expires: Fri, 03 May 2024 02:12:14 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 20ms
20ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 46720
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 390f3cee-901e-005f-0526-618dbf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c3609145d5d-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 61 KB
12 KB 21ms
21ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ykryv/G09FP6w4m7cogHHg==
age: 41657
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12548
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB1486680298ED
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a1a29dbd-801e-00b0-61d1-9bb8e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c3609155d5d-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 5 KB
2 KB 23ms
23ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wkJHHbnp3s43+NZzgCj5tg==
age: 46720
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148667BDAA3D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7786e976-201e-0081-2c1f-749959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c3609165d5d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 22ms
22ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 6635
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 853e0ed7-701e-0068-6b19-155f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d47c3609175d5d-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 19ms
18ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 38312
x-ms-lease-status: unlocked
last-modified: Tue, 30 Apr 2024 06:34:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f51b0f30-301e-0046-4177-9b0d04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d47c363f2b9741-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
510 B 25ms
25ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 38031
x-ms-lease-status: unlocked
last-modified: Tue, 30 Apr 2024 06:34:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8bcc5350-f01e-0059-4340-9bbe00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d47c36396b5d5d-FRA

GET
H2 200 privacy-center.png
cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/ 1 KB
2 KB 18ms
17ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/9b630f80-0ad4-4be8-9223-a37ab5e74b02/5ea19ec2-7813-4a8e-b4ea-6f87c8959b4e/privacy-center.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HnzIqzk5bF7upvrzwNVyQA==
age: 18445
content-length: 1478
x-ms-lease-status: unlocked
last-modified: Fri, 28 Oct 2022 21:43:30 GMT
server: cloudflare
etag: 0x8DAB92D747F1094
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f4f42486-e01e-0027-18e7-1d2e47000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d47c365f3a9741-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 17ms
17ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 6872
x-ms-lease-status: unlocked
last-modified: Tue, 30 Apr 2024 06:34:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5615e828-501e-007f-6031-9bf618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d47c365f3b9741-FRA

GET
H2 200 cropped-favicon-512x512-1-32x32.png
blog.checkpoint.com/wp-content/uploads/2023/10/ 1 KB
1 KB 393ms
393ms Other
image/png 18.173.205.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/uploads/2023/10/cropped-favicon-512x512-1-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-29.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2c7f96cc2c9b702f9371cc142ee099724455bcfe0ec2e8a9afd240090fee69d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:12:14 GMT
strict-transport-security: max-age=63072000
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
last-modified: Tue, 31 Oct 2023 19:15:29 GMT
server: nginx
x-amz-cf-pop: FRA56-P12
etag: "65415251-41b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1051
x-amz-cf-id: BI8tBPSBb8j8KurM81_6DDftgpFVmqbureqP2_1PoMc10uTOYI7MJA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.checkpoint.com
URL: https://www.checkpoint.com/images/icons/favicon.png

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting	1970-01-20 20:16:56	Name: spoofingsheinforcredentialharvesting Value: 1
.onesignal.com/	1970-01-20 20:16:57	Name: __cf_bm Value: orhgrd1vcob8Bc4hKaTT3CBoYHEvuZeKyt995UsHJQA-1714615933-1.0.1.1-0xdTGNTxz.HP5Jp2PQVTfGRjJiPLlf_Z8AOScZ0HBOm1HBk0eQGubG3LU9BC.Anof9iWibYOnb93wyYvRc1twQ
.checkpoint.com/	1970-01-20 22:26:31	Name: _gcl_au Value: 1.1.920393716.1714615934
.checkpoint.com/	1970-01-21 05:52:55	Name: _ga_48VXKGDGCV Value: GS1.1.1714615933.1.0.1714615933.60.0.0
.checkpoint.com/	1970-01-21 05:52:55	Name: _ga Value: GA1.1.1259949068.1714615934
.checkpoint.com/	1970-01-21 05:02:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+May+02+2024+04%3A12%3A14+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202301.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fblog.checkpoint.com%2Fharmony-email%2Fspoofing-shein-for-credential-harvesting%2F&groups=C0003%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/(Line 237) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.checkpoint.com/harmony-email/spoofing-shein-for-credential-harvesting/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_4_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sc1.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_6_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.checkpoint.com
cdn.cookielaw.org
cdn.onesignal.com
code.jquery.com
fonts.googleapis.com
geolocation.onetrust.com
region1.analytics.google.com
sc1.checkpoint.com
stats.g.doubleclick.net
www.checkpoint.com
www.google.de
www.googletagmanager.com
www.checkpoint.com
104.17.111.223
104.73.232.210
172.217.16.195
18.173.205.29
18.66.147.106
2001:4860:4802:34::36
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a04:4e42:400::649
01523462a4211ea90de73ad889719c964515e4be7fae2cc237e137f40ae5d0cf
020ff6e3208f27e7c096ce43b605ff22e4b1acb2a34dbae3ecd07da10d25ead4
066825011529d6dfbb03da7b2502c724cb3c28fde9bd6112b8643c2da51d7051
07dee37bce81e437075e8030a84acacc8841075d5b10a30f2e8a98f6cabd6c79
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa
0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19cc00e7c06ab1a6fb3cb5991e7c81b7b25b3babad166141815663895a8d7801
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2036f63c988ea61768ec5387b03c0b9eb6a5901291a9b700806eb6d07d6a15bf
23aa7bace236a738444cdf8734355241d94feafa662061ecb868014659b60766
29330ee71dee82f451d2dbd44cfc6170767326ae3b78a9755002edf6bac62401
2b0e41c4f65beb2920e01288fb77bed2b52d26f1c5379b7b0c316e931f7df0a7
2c7f96cc2c9b702f9371cc142ee099724455bcfe0ec2e8a9afd240090fee69d9
30e7388b5f275fd1c09ad27e41ed9ad5fa01a97a02d4cd119d66699e62c982db
31911c18375230d065fa608e5828f110f8b96dee4303e6862614c9dbe099cd4a
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
39587eb320ad541e207d4feebd137e663a562402524bf5dba0a563731a01e4e0
3e275292d958f60b0509448e22870378fc1e3d0c6528850eb2980efcc20f530f
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
478eed032fff677ebb70dcbfb13164d337082b63d3d0856c98af1d9f43c05890
491b61bb5c2c48c515eaa3ba0b1cec0c21a3430c6a749597228317ec92b8d659
49e6085a83d493692a699bea227a31e109363c06854e28e1da65a04ef3d70fe2
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f17c8a0e6cefa97ee8778b9c3bcdbde195b6e18ef434c8a377af2096a7320ff
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5840ec787b934fc80f101b6e22686e9e779d28a7024ebff3a75804b40fef6be5
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
605b729d5714cedbe1a4e4a2bf496da36ca9ce49a49e2b71d20a2befd9f251db
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5
76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c
7b0efce477888066982b251fa52c0e442e90a0f7506cc5f9e838eeb6c1cfeb2c
7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96
7e50886bf0122bcd747ba2c72c48ba20fee3d28e170127de21aa87eacbe1b326
8ea8db5ab190cee77e46b8fd33df37de250017ac14c05eeec590676dab98968e
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92d0e265f76d224e7be48804ff9edc0048a00492b9820d6db605a32fcc909c9b
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
945c48407720ae91103b34e610ba4c784e24aa13229ebd27ef90297c201da869
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9cde084bc5ee04ea9bc5d4f5cd4c5c98443beed4311deecc87cb7eefc1533bcd
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a22a9f782432f61776fa13ac0a9bc16dac6c3d6ee86c51c4126c5e9715cd5ec8
a55e8e2af8426876b233070983c376cc2a6ceadddf9952d7dd04d0b3bc31a11a
a6a2c2953bb083ec26f365680906d03af4b20feb33c1f9d8bb4f872e28ff2ead
a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007
a9097f7e9f7a00597d74f0d545ac22b3eb929414aa1961ad23632d62deebce87
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc
ba36ba3a5a611a0a0284b826442804783bf8524e7ca724f6c440d8a5dc6b8702
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
da940e0ede527f5a28f3a0fab37b661b7c48025ed57f39d4450d5848c66c2690
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d885cb2748a4fc83a4e415466a529453aaaa0f537cb31fe2e6f108472fc5c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1be068e1e417b77745a1587d48b8ecdc27627d2a61983acb1b3df24eb383544
fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2
fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

blog.checkpoint.com Open in urlscan Pro 18.173.205.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

58 %IPv6

10 Domains

12 Subdomains

13 IPs

4 Countries

1919 kBTransfer

5683 kBSize

6 Cookies

100 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.checkpoint.com Open in urlscan Pro
18.173.205.29 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

58 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

1919 kB
Transfer

5683 kB
Size

6
Cookies

73 HTTP transactions
4 data transactions