blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:297::2469 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Submission: On November 15 via api (November 15th 2020, 3:15:24 am UTC) from US

Summary HTTP 119 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 28 domains to perform 119 HTTP transactions. The main IP is 2a02:26f0:6c00:297::2469, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is blogs.akamai.com.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on March 11th 2020. Valid for: a year.

This is the only time blogs.akamai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a02:26f0:6c0... 2a02:26f0:6c00:297::2469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a02:26f0:6c0... 2a02:26f0:6c00:28c::6a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	104.111.241.218 104.111.241.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.215.63 143.204.215.63	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.239.192.38 54.239.192.38	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
7	35.172.25.79 35.172.25.79	14618 (AMAZON-AES) (AMAZON-AES)
4	34.253.21.206 34.253.21.206	16509 (AMAZON-02) (AMAZON-02)
1	54.239.192.123 54.239.192.123	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.14.147 54.171.14.147	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.215.100 143.204.215.100	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
119	30

20 2a02:26f0:6c00:297::2469 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

blogs.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:6c00:28c::6a3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba58 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.241.218 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-241-218.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-63.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2a0::2db0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.88 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.192.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-38.waw50.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

642-skn-449.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.172.25.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-25-79.compute-1.amazonaws.com

ing-district.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.253.21.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-21-206.eu-west-1.compute.amazonaws.com

c.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.192.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-123.waw50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.14.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-147.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.100 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-100.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	akamai.com blogs.akamai.com www.akamai.com	2 MB
16	clicktale.net cdnssl.clicktale.net ing-district.clicktale.net c.clicktale.net	156 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	192 KB
6	cookielaw.org cdn.cookielaw.org	102 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	703 B
3	google.com www.google.com	703 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	facebook.com www.facebook.com	404 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	92 KB
2	marketo.net munchkin.marketo.net	7 KB
2	googleadservices.com www.googleadservices.com	23 KB
2	licdn.com snap.licdn.com	3 KB
2	akamaihd.net ds-aksb-a.akamaihd.net	5 KB
1	twitter.com analytics.twitter.com	652 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	mktoresp.com 642-skn-449.mktoresp.com	311 B
1	t.co t.co	448 B
1	ml-api.io attr.ml-api.io	485 B
1	ml-attr.com 1 redirects s.ml-attr.com	275 B
1	demandbase.com scripts.demandbase.com	18 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	82 KB
119	28

	Domain	Requested by
24	www.akamai.com	blogs.akamai.com
20	blogs.akamai.com	blogs.akamai.com
7	ing-district.clicktale.net	cdnssl.clicktale.net
6	cdn.cookielaw.org	blogs.akamai.com cdn.cookielaw.org
5	cdnssl.clicktale.net	blogs.akamai.com cdnssl.clicktale.net
4	c.clicktale.net	blogs.akamai.com
4	www.google-analytics.com	blogs.akamai.com www.google-analytics.com
4	s7.addthis.com	blogs.akamai.com s7.addthis.com
3	www.google.de	blogs.akamai.com
3	www.google.com	blogs.akamai.com
2	segments.company-target.com	1 redirects blogs.akamai.com
2	match.prod.bidr.io	2 redirects
2	www.facebook.com	blogs.akamai.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	1 redirects blogs.akamai.com
2	secure.adnxs.com	2 redirects
2	connect.facebook.net	blogs.akamai.com connect.facebook.net
2	munchkin.marketo.net	blogs.akamai.com munchkin.marketo.net
2	www.googleadservices.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	ds-aksb-a.akamaihd.net	blogs.akamai.com
1	api-public.addthis.com	s7.addthis.com
1	analytics.twitter.com	static.ads-twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	api.company-target.com	scripts.demandbase.com
1	642-skn-449.mktoresp.com	munchkin.marketo.net
1	www.linkedin.com	1 redirects
1	t.co	blogs.akamai.com
1	attr.ml-api.io	blogs.akamai.com
1	s.ml-attr.com	1 redirects
1	scripts.demandbase.com	blogs.akamai.com
1	static.ads-twitter.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	blogs.akamai.com
119	36

This site contains links to these domains. Also see Links.

Domain
www.akamai.com
www.ir.akamai.com
developer.akamai.com
control.akamai.com
akamai.com
learn.akamai.com
community.akamai.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
blogs.akamai.com DigiCert Secure Site ECC CA-1	`2020-03-11` - `2021-06-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
www.akamai.com DigiCert Secure Site ECC CA-1	`2020-09-17` - `2021-09-17`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.ml-api.io Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
c.clicktale.net Amazon	`2020-10-13` - `2021-11-12`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Frame ID: 0DC27D2700919B7947D90AF8E91F5DBB
Requests: 119 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 08EE12F477094741407A1F4CD15FFE79
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8CCB1591B22284ADC5EF581A06256228
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

119
Requests

92 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

30
IPs

6
Countries

3037 kB
Transfer

6324 kB
Size

20
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.akamai.com/us/en/about/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/workplace-diversity.jsp
Title: Diversity

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/company-history.jsp
Title: Company History

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/locations.jsp
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/leadership/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/corporate-responsibility/
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-thinking/
Title: Our Thinking

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/partners/
Title: Our Partners

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us.jsp
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/cdn/
Title: CDN

Search URL Search Domain Scan URL

URL: https://developer.akamai.com/
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/akamai-free-trials.jsp
Title: Free Trials

Search URL Search Domain Scan URL

URL: https://control.akamai.com/
Title: Customer Login

Search URL Search Domain Scan URL

URL: https://akamai.com/
Title: Akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/world-class-digital-experiences.jsp
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/intelligent-platform/
Title: Intelligent Edge Platform

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/threat-research.jsp
Title: Threat Research

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/security.jsp
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/media/ott-media-delivery.jsp
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/devops.jsp
Title: DevOps

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/financial-cdn-services.jsp
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/hotel-travel-cdn-services.jsp
Title: Hotel & Travel

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/media-entertainment-cdn-services.jsp
Title: Media & Entertainment

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/public-sector-cdn-services.jsp
Title: Public Sector

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/retail-consumer-cdn-services.jsp
Title: Retail & Consumer Goods

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/software-technology-cdn-services.jsp
Title: Software & Technology

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/media-delivery/
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/network-operator/
Title: Network Operator

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/services/
Title: Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-customers.jsp
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/visualizing-akamai/
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/information-security/
Title: Information Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/threat-advisories/
Title: Threat Advisories

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/for-cios/
Title: For CIOs

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/state-of-the-internet-report/
Title: State of the Internet Report

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/library.jsp
Title: Document Library

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/cdn-and-cloud-services-glossary.jsp
Title: Glossary

Search URL Search Domain Scan URL

URL: https://learn.akamai.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://community.akamai.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/library.jsp
Title: FEATURED Our Library Search our library for helpful resources on topics you care about. Learn More

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/global-support-phone-numbers.jsp
Title: Global Support Phone Numbers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/
Title: Support Resources

Search URL Search Domain Scan URL

URL: https://community.akamai.com/customers/s/support
Title: Support on Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/stop-ddos-attacks.jsp
Title: UNDER ATTACK Are You Under Attack? Contact the DDoS Attack Hotline for emergency DDoS protection. Act Now

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/
Title: CONTACT Get in touch Want to get in touch with us? There are multiple ways to contact an Akamai representative. Contact Now

Search URL Search Domain Scan URL

URL: http://www.akamai.com/PIM
Title: www.akamai.com/PIM

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/phoenix.zhtml?c=75943&p=irol-irhome
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/
Title: Compliance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/student-jobs-internships.jsp
Title: Students

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/working-at-akamai.jsp
Title: Working at Akamai

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/media-resources.jsp
Title: Media Resources

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/press-contacts.jsp
Title: Press Contacts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AkamaiTechnologies/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/akamai-technologies
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Akamai
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/akamaitechnologies
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/data-protection-at-akamai.jsp
Title: TRUST CENTER

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/
Title: Policy Details

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/
Title: www.akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/legal-notices.jsp
Title: EMEA Legal Notices

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/contact-webmaster.jsp
Title: Webmaster

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/multimedia/documents/akamai/akamai-privacy-statement.pdf
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=akamai.com&pId=9066100310178867384

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62114%26time%3D1605410107904%26url%3Dhttps%253A%252F%252Fblogs.akamai.com%252F2020%252F11%252Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true

Request Chain 94

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw&verifyHash=ee7a0b8f27b112858793388ae422469dc549f8be

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html Show response
blogs.akamai.com/2020/11/ 168 KB
26 KB 88ms
19ms Document
text/html 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6ec3ee32d1247df1e638ba7c2ee725916ba461173c1fb0eed726398ad761b42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: blogs.akamai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Wed, 11 Nov 2020 14:32:52 GMT
ETag: "29c8c-5b3d5ab9d4cae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
X-Akamai-Transformed: 9 - 0 pmb=mRUM,1
Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Length: 25649
Connection: keep-alive
Set-Cookie: ak_bmsc=19F5EA340C94394427A8ED7CA14CDCAA0210BAB5352A00003A9DB05FF12BC644~pldLqDWZ9L9Vck2yzF4K51MlpkqpcOKh1CCsfBhXWonhc8vfLc0n2Uun2hGhmECFgqMQbmtTpzm5Y4fjKQHJGx0kl0YZoXUJQRuMSR2v0BnzdGoB8eUTUnd7bYC3uFC83iNzb+0iunDDbeZMNKwanrSM4S2yLPtIMVntKzAPUUssEWIHYZTePyb4sz4nvVkoKoeu9OlAQWYkLiz32IiBTKOpDlT5iZsbAxdKk15x0r4g0=; expires=Sun, 15 Nov 2020 05:15:06 GMT; max-age=7200; path=/; domain=.akamai.com; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 42ms
25ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lztHLkvcGPqUR1UL9im3jQ==
age: 4990
status: 200
vary: Accept-Encoding
content-length: 4134
cf-request-id: 066b7f460000009778878c9000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 23:25:09 GMT
server: cloudflare
etag: 0x8D8869907E659BF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5b75091-b01e-0044-5b87-b8048a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce4ffbab9778-FRA

GET
H/1.1 200
OK styles-31.css
blogs.akamai.com/ 524 B
643 B 118ms
117ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/styles-31.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 19 Nov 2019 11:14:58 GMT
ETag: "20c-597b12cabea0e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 201
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK mt.js Show response
blogs.akamai.com/ 31 KB
9 KB 107ms
95ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

c1ce34720ab476653c4261c268701931bfd437ce6701e18a131a7c6abc37b7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 12 Nov 2020 11:25:21 GMT
ETag: "7b73-5b3e72ade3716-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8784
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
blogs.akamai.com/js/ 85 KB
30 KB 119ms
107ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/jquery-3.3.1.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "1538f-5909ca9aeeb3e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30307
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK amp.min.js Show response
blogs.akamai.com/js/amp/ 295 KB
73 KB 109ms
97ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/amp/amp.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "49d3c-5909ca9aefadf-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 73861
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ga-events-new.js Show response
blogs.akamai.com/ 3 KB
1 KB 107ms
95ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/ga-events-new.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "cba-5909ca9a90f1d-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 787
X-Content-Type-Options: nosniff

GET
H2 200 what-we-do-overview.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 11 KB
11 KB 353ms
251ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-overview.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9e03a63a27af3ed05eadbfdb9d7de4ccbfe24adadfa2c3390c70dc09bbd729fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f4-5b3dbfbca9e96"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315341
server-timing: cdn-cache; desc=HIT, edge; dur=120
content-length: 11162
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:08 GMT

GET
H2 200 what-we-do-intelligent-platform.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 30 KB
30 KB 419ms
334ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-intelligent-platform.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

94b8297f3fb848f41fa988ebc575f65c4aa2e458f04dba48025287249bcba66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-755, origin; dur=1004
content-length: 30490
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "4b459-5b3572c406466"
x-serial: 291
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=1744308
expires: Sat, 05 Dec 2020 07:46:55 GMT

GET
H2 200 what-we-do-threat-research.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 31 KB
32 KB 361ms
334ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-threat-research.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

943bf13a74414d92ca5351ee76bb447f6d251b4de19a82f0160f2450de186402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-620, origin; dur=875
content-length: 32080
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "e1258-5b3572c47559d"
x-serial: 1148
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=1744354
expires: Sat, 05 Dec 2020 07:47:41 GMT

GET
H2 200 what-we-do-free-trials.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 20 KB
20 KB 274ms
246ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-free-trials.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b3d0954dce6e71682556b1c8ccaabb10adfb2ff8d6c1dd5c6a989660dcfa967b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "29b47-5b3dbfbc1bf18"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315336
server-timing: cdn-cache; desc=HIT, edge; dur=157
content-length: 20368
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:03 GMT

GET
H2 200 globe-background.png
www.akamai.com/us/en/multimedia/images/custom/2019/ 2 KB
2 KB 274ms
246ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/custom/2019/globe-background.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c52b6154710730fad4aea6cfd15cfd7226a6301285655980feff5cca135bb8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:24:23 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "ed45-5b3dbfbebca1b"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315304
server-timing: cdn-cache; desc=HIT, edge; dur=163
content-length: 1894
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:23:31 GMT

GET
H2 200 threats-can-come-from-anywhere-nav-image.png
www.akamai.com/us/en/multimedia/images/navigation/ 48 KB
49 KB 254ms
226ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/threats-can-come-from-anywhere-nav-image.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f8e55488b7aab65a10ccfaa3990a2915d64c722d9b8bf384cd346a04fc511a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "c6be5-5b3dbfbc1fd8d"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315367
server-timing: cdn-cache; desc=HIT, edge; dur=169
content-length: 49622
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:34 GMT

GET
H2 200 products-web-performance.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 13 KB
14 KB 245ms
241ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-web-performance.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b458ee55ed784747e997d444d829a353186fa44f5762afe54c626b9fcec8aef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f9-5b3dbfbca350a"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315355
server-timing: cdn-cache; desc=HIT, edge; dur=136
content-length: 13720
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:22 GMT

GET
H2 200 products-media-delivery.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 16 KB
16 KB 334ms
330ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-media-delivery.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2a7af71edf6d8f39d2c39679cf0ba2f52b10f72a82be4ea866e97590f7be850e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-527, origin; dur=763
content-length: 15996
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2af11-5b3572c4f5976"
x-serial: 1502
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=1744466
expires: Sat, 05 Dec 2020 07:49:33 GMT

GET
H2 200 products-network-operator.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 14 KB
14 KB 245ms
241ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-network-operator.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f32102e74e82fcae9c748b45d50ba0f5c112b60984f47db9eba4c1020770ef7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:39 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1e340-5b3dbfbc1d2ab"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315366
server-timing: cdn-cache; desc=HIT, edge; dur=140
content-length: 14294
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:33 GMT

GET
H2 200 products-services.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
9 KB 246ms
242ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-services.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4ea2958d7ec4ed3e4e29d5398463fd4196e128795eb99b467cd548aff6495b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:24:52 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "20b48-5b3dbfbeab8a8"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315232
server-timing: cdn-cache; desc=HIT, edge; dur=131
content-length: 8694
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:22:19 GMT

GET
H2 200 products-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 15 KB
16 KB 247ms
243ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

725a6e06c6c4db64af816ee1d9f6a82d1d5c99439c2ffe3cd1a58413c736946a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2a716-5b3572c506ed6"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315291
server-timing: cdn-cache; desc=HIT, edge; dur=126
content-length: 15656
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:23:18 GMT

GET
H2 200 resources-case-studies.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 27 KB
28 KB 247ms
243ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-case-studies.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d0b69006ced59bc683ec91dfa4c2647931b7f9e2fb0b28fb4aad32b3eb56747b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "46797-5b3dbfbca6406"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315311
server-timing: cdn-cache; desc=HIT, edge; dur=113
content-length: 27968
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:23:38 GMT

GET
H2 200 resources-insights.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 34 KB
35 KB 346ms
342ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-insights.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fbd7dc11673944c030c85b314432593439647c0c602eee37dee363c2644465e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5808d-5b3dbfbc11b09"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315333
server-timing: cdn-cache; desc=HIT, edge; dur=299
content-length: 34916
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:24:00 GMT

GET
H2 200 resources-soti.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 29 KB
29 KB 261ms
257ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-soti.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e4f900e261a4e95471b85d1b1a97e796c1de085fe6e3db2bd7bb7b3b5bb1e507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "65bc8-5b3dbfbc04fdf"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315258
server-timing: cdn-cache; desc=HIT, edge; dur=94
content-length: 29280
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:22:45 GMT

GET
H2 200 resources-document-library.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 16 KB
16 KB 250ms
246ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-document-library.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d327bc6cab8bbd2cc9cb1190c836e414b1c13ba03fd05c1f7e4adca28af12968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:41 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "27653-5b3dbfbc01935"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2315293
server-timing: cdn-cache; desc=HIT, edge; dur=102
content-length: 16306
x-content-type-options: nosniff
expires: Fri, 11 Dec 2020 22:23:20 GMT

GET
H2 200 resources-cdn.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 38 KB
38 KB 287ms
284ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-cdn.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9b28e38e151bcfc7e99f314fb6208cdf4dccb19532794a087fd06d08e8ad9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-187, origin; dur=303
content-length: 38412
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5745c-5b3dbfbc1a7aa"
x-serial: 1255
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315367
expires: Fri, 11 Dec 2020 22:24:34 GMT

GET
H2 200 resources-glossary.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
9 KB 287ms
283ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-glossary.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1f08a0ffef73b63bbb91e8205a1d4560cc8ee214855558336f9d0473a20da26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-123, origin; dur=218
content-length: 8870
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "15e1b-5b3dbfbca2575"
x-serial: 390
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315271
expires: Fri, 11 Dec 2020 22:22:58 GMT

GET
H2 200 resources-documentation.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
10 KB 324ms
320ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-documentation.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a9dc975308ae1e0ba49e3cf0cc63c99f9e13a130898abc11746b7e1a4e749471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-298, origin; dur=395
content-length: 9650
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2788c-5b3dbfbca19b3"
x-serial: 1176
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315227
expires: Fri, 11 Dec 2020 22:22:14 GMT

GET
H2 200 resources-for-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 19 KB
20 KB 262ms
258ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-for-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

19219f72fd4543cecc1d8b29990dbad3d015c4d0e380c9dce85a3302d456ce1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-80, origin; dur=118
content-length: 19460
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:39 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "33d16-5b3dbfbc9eaeb"
x-serial: 458
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315280
expires: Fri, 11 Dec 2020 22:23:07 GMT

GET
H2 200 resources-community.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 23 KB
23 KB 278ms
274ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-community.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f8b2738e130b776517f2ea440e738df920492b1445191f068bcec61511e9d5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-69, origin; dur=105
content-length: 23374
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "38645-5b3dbfbc06758"
x-serial: 1329
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315369
expires: Fri, 11 Dec 2020 22:24:36 GMT

GET
H2 200 products-security.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 11 KB
12 KB 324ms
321ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-security.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

42004773101c4797209f723da0d0bc72d504a0a5cc0c8ec05211a10c58ac0191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-356, origin; dur=396
content-length: 11438
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1ceb8-5b3dbfbc9f6a6"
x-serial: 1879
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315388
expires: Fri, 11 Dec 2020 22:24:55 GMT

GET
H2 200 contact-locations.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 62 KB
62 KB 325ms
321ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-locations.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

74947c105fbe072189e449936e31c01048e8d20ea4137098eff1b1fdc09ec3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-148, origin; dur=188
content-length: 62998
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Nov 2020 22:23:37 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5ae34-5b3dbfbc178c7"
x-serial: 1528
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2315167
expires: Fri, 11 Dec 2020 22:21:14 GMT

GET
H2 200 contact-us-featured.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 22 KB
22 KB 345ms
341ms Image
image/webp 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-us-featured.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3dbb8c3acfe4fbeb258194c9f772218f7d4b825c0a7c96650dffe47f81495b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=-836, origin; dur=884
content-length: 22412
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2016f-5b3572c472e7b"
x-serial: 1331
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=1744294
expires: Sat, 05 Dec 2020 07:46:41 GMT

GET
H/1.1 200
OK the-akamai-blog-hero-image.png
blogs.akamai.com/images/patterns/ 273 KB
273 KB 226ms
224ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/images/patterns/the-akamai-blog-hero-image.png?imwidth=1366

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Mon, 13 Jan 2020 12:33:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "4429f-59c04ae2fc39d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279199
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK userpic-781-100x100.png
blogs.akamai.com/mt-static/support/assets_c/userpics/ 16 KB
17 KB 12ms
9ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/mt-static/support/assets_c/userpics/userpic-781-100x100.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3b22ee26f24258ced44341fca66e9e8dc7037cc531ce7229d0eb70a78b7e7113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Mon, 09 Nov 2020 19:35:39 GMT
X-Frame-Options: SAMEORIGIN
ETag: "4120-5b3b1aac8082a"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16672
X-Content-Type-Options: nosniff

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 75ms
24ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Sun, 15 Nov 2020 03:15:07 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK WebSocketsBlog1v3_11.10-thumb-700xauto-11484.png
blogs.akamai.com/assets_c/2020/11/ 135 KB
135 KB 47ms
45ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog1v3_11.10-thumb-700xauto-11484.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

375b990e5422e1ba8307db7b5c67975b2e3667b0b1bdc9469345cfb6b2a963ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:06:08 GMT
X-Frame-Options: SAMEORIGIN
ETag: "21c45-5b3c2db50ce31"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138309
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog2v3_11.10-thumb-autox825-11486.png
blogs.akamai.com/assets_c/2020/11/ 204 KB
205 KB 33ms
33ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog2v3_11.10-thumb-autox825-11486.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

84f32e9d2bc90eba7d310965d6c3e53837e2a8681c2fc3aa710b474a8e4a7046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:51:55 GMT
X-Frame-Options: SAMEORIGIN
ETag: "331b6-5b3c37f118be0"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 209334
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog3v3_11.10-thumb-700xauto-11488.png
blogs.akamai.com/assets_c/2020/11/ 62 KB
63 KB 25ms
25ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog3v3_11.10-thumb-700xauto-11488.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1e2942cee7c1918b78c99fef5e4e14353452aa940a2340e378473392bc1508dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:53:34 GMT
X-Frame-Options: SAMEORIGIN
ETag: "f8f1-5b3c384f4ceec"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63729
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog4v3_11.10-thumb-autox1024-11490.png
blogs.akamai.com/assets_c/2020/11/ 383 KB
383 KB 30ms
30ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog4v3_11.10-thumb-autox1024-11490.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

bb26b55b6ad213db632a6a4cde85e187746648f0feef6e2eaaed82ee5ec111e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:54:35 GMT
X-Frame-Options: SAMEORIGIN
ETag: "5fa4d-5b3c388a3ccf7"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 391757
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog5v2_11.10-thumb-700xauto-11492.png
blogs.akamai.com/assets_c/2020/11/ 93 KB
94 KB 44ms
43ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog5v2_11.10-thumb-700xauto-11492.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

da19a0ad5bc11f470b286a87017889c2a95e351bf5ad91327c07f488ff958a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:55:28 GMT
X-Frame-Options: SAMEORIGIN
ETag: "175e0-5b3c38bc61b6b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95712
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog6_11.10-thumb-700x799-11480.gif
blogs.akamai.com/assets_c/2020/11/ 153 KB
153 KB 36ms
36ms Image
image/gif 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog6_11.10-thumb-700x799-11480.gif

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

533a3c28a3967a637a86822731f6ae063c9adc4210de1ce3a8aefd9961577cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 15:07:15 GMT
X-Frame-Options: SAMEORIGIN
ETag: "263ed-5b3c208c3f936"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156653
X-Content-Type-Options: nosniff

GET
H2 200 cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/ 2 KB
2 KB 123ms
110ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0dea7631b5f30523b0e56256fb2b7d9b6dd02d4bc98556de875d6e53637802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: sk2tZCa9uS3ylpSlPJ5gNg==
status: 200
vary: Accept-Encoding
content-length: 1113
cf-request-id: 066b7f462c00002b95173bb000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Sep 2020 18:46:56 GMT
server: cloudflare
etag: 0x8D85039BBA2152E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c821ccf5-001e-00fc-77d0-b4e679000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce5049c52b95-FRA

GET
H/1.1 200
OK screen3.css
blogs.akamai.com/mt-static/support/themes/akamai/ 856 KB
128 KB 32ms
31ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:20 GMT
ETag: "d61b9-5909ca9b4a81f-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 130439
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK blogs_theme3_2.css
blogs.akamai.com/mt-static/support/themes/akamai/ 41 KB
8 KB 20ms
19ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:06 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 06 Aug 2020 10:55:53 GMT
ETag: "a30f-5ac33550c5d33-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7547
X-Content-Type-Options: nosniff

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
69 KB 20ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 580249
status: 200
vary: Accept-Encoding
content-length: 69711
cf-request-id: 066b7f46cb00009778908ce000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2475bc65-c01e-0004-31b6-b52d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce514bf19778-FRA
expires: Mon, 23 Nov 2020 03:15:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5142
date: Sun, 15 Nov 2020 01:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 15 Nov 2020 03:49:25 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 38ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 409 KB
82 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a18b0199e70400fc2a7ece734ddafcb9bf6a4d7998910e25166cb6eebdfb5ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84193
x-xss-protection: 0
last-modified: Sun, 15 Nov 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 Nov 2020 03:15:07 GMT

GET
H2 200 akamai-logo.png
www.akamai.com/us/en/multimedia/images/logo/ 4 KB
4 KB 235ms
234ms Image
image/png 2a02:26f0:6c00:28c::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/logo/akamai-logo.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28c::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
referrer-policy: same-origin
last-modified: Thu, 19 Mar 2020 17:25:18 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "3077-58340f2ca4ca0"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=483188
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 4118
x-content-type-options: nosniff
expires: Fri, 20 Nov 2020 17:28:15 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK icomoon.woff
blogs.akamai.com/fonts/icomoon/ 115 KB
115 KB 485ms
482ms Font
application/font-woff 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/icomoon/icomoon.woff

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1cbe8-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117736
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-r.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 472ms
469ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-r.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7534-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30004
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-l.woff2
blogs.akamai.com/fonts/ubuntu/ 28 KB
28 KB 472ms
459ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-l.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7018-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28696
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-m.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 459ms
432ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-m.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "74a0-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
X-Content-Type-Options: nosniff

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1637969467&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2097560307&gjid=219129123&cid=392554204.1605410107&tid=UA-34883906-1&_gid=1797697961.1605410107&_r=1&_slc=1&z=61283851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/ 50 KB
13 KB 112ms
112ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea7c7f59e99dfc7785f9ffefd329d64023dd97b9b27c1c12835fada874279a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: ELdXJ3HgbAQ02zTbDiNNQw==
status: 200
vary: Accept-Encoding
content-length: 12498
cf-request-id: 066b7f481b00002b9539188000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Sep 2020 18:43:34 GMT
server: cloudflare
etag: 0x8D85039432A043B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 60e9651c-501e-00ab-3ea1-b10ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce535e4f2b95-FRA

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 84ms
27ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=32820
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
3 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 848485
status: 200
vary: Accept-Encoding
content-length: 3248
cf-request-id: 066b7f489400002b9536845000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c7a978a4-501e-00c6-7245-b3a5da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce542f292b95-FRA
expires: Mon, 23 Nov 2020 03:15:07 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/ 42 KB
11 KB 11ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8O+MrA5l6uZAF8rA//NRFA==
age: 1029122
status: 200
vary: Accept-Encoding
content-length: 11144
cf-request-id: 066b7f489400002b951ca61000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:19 GMT
server: cloudflare
etag: 0x8D84A3B56BE267C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9482acc7-601e-016b-63a1-b1c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f25ce542f2a2b95-FRA
expires: Mon, 23 Nov 2020 03:15:07 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34796267-1&cid=392554204.1605410107&jid=1316066030&gjid=953368702&_gid=1797697961.1605410107&_u=aGDAgEABAAAAAG~&z=2047526424

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 15 Nov 2020 03:15:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 74ms
24ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
age: 20546
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4041-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1605410108.737206,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 23ms
8ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46099
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 92ms
36ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Nov 2020 03:15:07 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 78ms
27ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 uDRtxOMd.min.js Show response
scripts.demandbase.com/ 70 KB
18 KB 578ms
476ms Script
application/javascript 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-63.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69daccb0fc6797291cf45920cd24cc6876a52ed13a6ae5d76fc598d86c16619

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 65JtMpjs2W5KLjvnd_sFTS3SzQ796Zou
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 14:09:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "0dd3a3e96500a8f7554b4576b4d34edb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Sun, 15 Nov 2020 03:15:09 GMT
x-amz-cf-id: 2RhIl6jmZILRYpa8vpfZ4g2EnKJj0TcGKG7_PrZt_gyo49JkcD-Tag==
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/www14/ptc/ 203 KB
45 KB 21ms
6ms Script
application/javascript 2a02:26f0:6c00:2a0::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780ea58d20d64c191392bd73c0aa82de2f2d1164da02e3f50bfc8b1587688d01

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6njAwLRD2FZkj18hUDIspLpW6.kVFg3H
content-encoding: gzip
etag: "40f7ad7e993c41d3483316c56ff5dc5f"
x-amz-request-id: A13BC9B5E7A074EC
status: 200
content-length: 45165
x-amz-id-2: /vBOIPB5KK7CUgxwyxqBX8fTIqaWUGj2hr0nd32pQfhb3t1RIrKI+d3vuKGvycDgFdGdg/2V/ec=
last-modified: Thu, 12 Nov 2020 09:50:11 GMT
server: AmazonS3
date: Sun, 15 Nov 2020 03:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Sun, 15 Nov 2020 03:25:07 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 83ms
35ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
server: cafe
etag: 18316426844545619554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Nov 2020 03:15:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23272
x-xss-protection: 0
pragma: public
x-fb-debug: EMkeWAL3rQu1rCZNftoBopp9yfbhY19eFS03oh+waPcE6Mas1zJNfflUEM5aZMieGTlwp3LW2erbWcdyI9RHsQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 15 Nov 2020 03:15:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1637969467&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&dp=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%3F&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAC~&jid=1316066030&gjid=953368702&cid=392554204.1605410107&tid=UA-34796267-1&_gid=1797697961.1605410107&gtm=2wgb41MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-us&cd47=392554204.1605410107&cd64=Cloud%20Security%2CRetail%20%26%20Commerce&cd66=&cd80=0.5750749127524342_1605410107647&z=625615432

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 01:25:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6554
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=akamai.com&pId=9066100310178867384

4 B
485 B

391ms
223ms

Image
image/jpeg

54.239.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=akamai.com&pId=9066100310178867384
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-38.waw50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:08 GMT
Via: 1.1 af49d962d25539f633834af35e0ac9d1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: WAW50-C1
x-amzn-RequestId: 9585764e-757c-4b71-bb69-115b9a3aa995
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: Root=1-5fb09d3c-3e1444d7605cc5b31be74e69;Sampled=0
Connection: keep-alive
x-amz-apigw-id: WB2BdEy_IAMFbig=
Content-Length: 4
X-Amz-Cf-Id: EraVWVl9j8vzBfQhze3Paph4Y1WQVHhmCN5OKp7tZ1e4KfJhud_cHQ==

Redirect headers

Pragma: no-cache
Date: Sun, 15 Nov 2020 03:15:08 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: c07cce65-d5dc-45fd-b112-85352d3f6147
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=akamai.com&pId=9066100310178867384
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=392554204.1605410107&jid=1316066030&_u=aGDAgEABAAAAAG~&z=1443441193

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=392554204.1605410107&jid=1316066030&_u=aGDAgEABAAAAAG~&z=1443441193

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11205
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 1276761735802781 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 87ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1276761735802781?v=2.9.28&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73e1939abae8a1f61155fb609ea6ea8dbb987aa9f16b23dd9f3dbd65c78ff68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 88RFvI2tXMrRrb7G2WeVKgdnu1BIKvNt8PMY0jo9Hy+gcefJkUokrZ0OqC17MB9wM7K4SxvaKyAfbWy8+yOXNA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 15 Nov 2020 03:15:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/ptc/ 57 KB
14 KB 14ms
10ms Script
application/javascript 2a02:26f0:6c00:2a0::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: T4IN0UFb9hW.detlXTwHfcM1t2H3W7kW
content-encoding: gzip
etag: "0aa215c5963b53ef3f0a06cdcb5fa668"
x-amz-request-id: 5FFAD33010927A0E
status: 200
content-length: 14326
x-amz-id-2: iMdsLEoOc3LmxDEkg2QoUSIb2QulX0+ZaIhyOwi8Exq03vYBVnFCq0OWY1VDVHMb6sTBG52QIgs=
last-modified: Fri, 13 Nov 2020 01:24:45 GMT
server: AmazonS3
date: Sun, 15 Nov 2020 03:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Sun, 15 Nov 2020 03:25:07 GMT

GET
BLOB 200
OK 75fbed20-92f4-4aaf-bf04-34246ca27cd7
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/75fbed20-92f4-4aaf-bf04-34246ca27cd7
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
BLOB 200
OK df784ae8-8af6-441b-a3a7-303bda67dbb0
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/df784ae8-8af6-441b-a3a7-303bda67dbb0
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 63ms
62ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Tue, 23 Feb 2021 03:15:07 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 258ms
168ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Sun, 15 Nov 2020 03:15:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8eabdad26c02c98744dd002ca43681c0
x-transaction: 0099664100072d86
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensi...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62114%26time%3D1605410107904%26url%3Dhttps%253A%252F%252Fblogs.akamai.com%252F202...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensi...

0
58 B

181ms
181ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:08 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: OfCn3fyPRxbQjLBRpysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: Axf+1vyPRxbgHcSLGysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 2FB5197660CE424A822B211072E7707B Ref B: FRAEDGE1114 Ref C: 2020-11-15T03:15:08Z
x-frame-options: sameorigin
date: Sun, 15 Nov 2020 03:15:07 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605410107904&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 3 KB
1 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1605410107906&cv=9&fst=1605410107906&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d24692e3fe5375d0ca9328ac0ce5ac7c3fb5002b9859b3030db1529de61e4c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=PageView&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&rl=&if=false&ts=1605410107974&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605410107972.1499735728&it=1605410107774&coo=false&rqm=GET

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 15 Nov 2020 03:15:07 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 2 KB
2 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1605410107976&cv=9&fst=1605410107976&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

148ae7de691df4474ce5a8711290a89434480f03a4f56fed93c0d3198466cb9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1145
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/pcc/ 161 KB
40 KB 11ms
9ms Script
application/javascript 2a02:26f0:6c00:2a0::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/pcc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js?DeploymentConfigName=Release_20201014&Version=5
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BJ62TS.ObDTftBeg0YPy.gkc7X2qxQNp
content-encoding: gzip
etag: "9836c3bea1d4199f192061b0a3a3d316"
x-amz-request-id: CC3F56B1839DF08C
status: 200
content-length: 40652
x-amz-id-2: LTT2krVq1pQU8+/8/DYbdqet/WP3gAlH5ChxRxBjCKo6tXHRMVNwWdCov4KIK7tYS0Xgucx9jeI=
last-modified: Wed, 14 Oct 2020 17:15:22 GMT
server: AmazonS3
date: Sun, 15 Nov 2020 03:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Nov 2021 03:15:07 GMT

GET
H2 200 latest-WR110.js Show response
cdnssl.clicktale.net/www/ 54 KB
18 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2a0::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aae274ea0ffe43e0504cf9d70015a59dd87b20713c1061f8ed91f0c738262771

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FB5YB3Kuoc.rKy8xu20Fm6Doy3Y7jiuL
content-encoding: gzip
etag: "d27610e9499e15a8696c6393f7c046f1"
x-amz-request-id: C108947597ECFBAA
status: 200
content-length: 18531
x-amz-id-2: ixMvfb5GDaB5MVxXCnhKur+nWyIiLOyVnE3JIzdDVw51Xb7pFAQ8ZawXn0UsrNeCa1jtjwDgGrw=
last-modified: Thu, 29 Oct 2020 13:13:12 GMT
server: AmazonS3
date: Sun, 15 Nov 2020 03:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 16 Nov 2020 03:15:07 GMT

GET
H/1.1 200
OK visitWebPage Show response
642-skn-449.mktoresp.com/webevents/ 2 B
311 B 573ms
100ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://642-skn-449.mktoresp.com/webevents/visitWebPage?_mchNc=1605410107997&_mchCn=&_mchId=642-SKN-449&_mchTk=_mch-akamai.com-1605410107997-72010&_mchWs=j1RQ&_mchHo=blogs.akamai.com&_mchPo=&_mchRu=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:08 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 32284bfe-fdee-4365-b11a-17a76f3daf92

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
530 B 157ms
96ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1605410107976&cv=9&fst=1605409200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&fmt=3&is_vtc=1&random=392508685&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
66 B 157ms
96ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1605410107976&cv=9&fst=1605409200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&fmt=3&is_vtc=1&random=392508685&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
66 B 156ms
96ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1605410107906&cv=9&fst=1605409200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&async=1&fmt=3&is_vtc=1&random=3040810249&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
530 B 91ms
31ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1605410107906&cv=9&fst=1605409200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&async=1&fmt=3&is_vtc=1&random=3040810249&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/auth/ 238 B
388 B 310ms
94ms XHR
application/json 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/auth/?pid=25500&as=1&1688782965&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 2552a1c26b2d60701545353debfa1de8386b583969d0fd961796bcee9fe6bf44

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://blogs.akamai.com
content-length: 238
content-type: application/json; charset=UTF-8

GET
H2 200 pageview
c.clicktale.net/ 43 B
416 B 137ms
38ms Image
image/gif 34.253.21.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageview?pid=4400&uu=ded7c8ef-127f-a58e-988f-adb6e7a931e5&sn=1&lv=1605410108&lhd=1605410108&hd=1605410108&re=1&pn=1&dw=1600&dh=6909&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&uc=1&la=en-US&cvars=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D&v=9.33.0&r=880313
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.21.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-21-206.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 4494d3ea-de98-4360-9585-825df40de196
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/4494d3ea-de98-4360-9585-825df40de196
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
H2 200 pageEvent
c.clicktale.net/ 43 B
415 B 125ms
39ms Image
image/gif 34.253.21.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAZiBGI0gFiAAA%3D%3D&isETR=false&v=9.33.0&pid=4400&uu=ded7c8ef-127f-a58e-988f-adb6e7a931e5&sn=1&pn=1&r=993717
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.21.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-21-206.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 122ms
39ms Image
image/gif 34.253.21.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.33.0&pid=4400&uu=ded7c8ef-127f-a58e-988f-adb6e7a931e5&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6AVgHZzjKAWATgEYAmalugZjpYH0mAbMXJ0mxMZQF1KIAL5AA%3D%3D&r=143795
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.21.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-21-206.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 431 B
940 B 190ms
94ms XHR
application/json 54.239.192.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&page_title=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&src=tag&key=c07e50e50d026064d820ab45cdd46518636e8993
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-123.waw50.r.cloudfront.net
Software: nginx /
Resource Hash: caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:08 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: WAW50-C1
x-cache: Miss from cloudfront
status: 200
request-id: c456abc9-6d72-4a8e-8f36-b5e9ff6eeb8a
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blogs.akamai.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 7cbbe7c1ce97c17d13c405bf29da748d.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: daHLJJXz5uUkRliLIVum4eMyzzjDB2W8KBROHscJKpWD30RF-qMEmw==
expires: Sat, 14 Nov 2020 03:15:08 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw&verifyHash=ee7a0b8f27b112858793388ae422469dc549f8be

26 B
409 B

206ms
206ms

Image
image/gif

143.204.215.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw&verifyHash=ee7a0b8f27b112858793388ae422469dc549f8be
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-100.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 03:15:08 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: bc7c9842af6a1db7
X-Amz-Cf-Id: Hc1ZYDmmkDnkM5tu24QZDIdEUTOjCyPRVEHvjJJqMAicro6QG1ASUg==

Redirect headers

Date: Sun, 15 Nov 2020 03:15:08 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAGsQE6_YToAABB0RUWiUw&verifyHash=ee7a0b8f27b112858793388ae422469dc549f8be
Connection: keep-alive
trace-id: bba7c33ee8c2cfda
Content-Length: 0
X-Amz-Cf-Id: mNMMug6dURBC2yF5uxiu_MB0XzKUxTl31-GSC6KBrDelrhVicIJa-A==

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1637969467&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&dp=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%3F&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAiEABBAAAAG~&jid=&gjid=&cid=392554204.1605410107&tid=UA-34796267-1&_gid=1797697961.1605410107&gtm=2wgb41MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-us&cd47=392554204.1605410107&cd64=Cloud%20Security%2CRetail%20%26%20Commerce&cd66=&cd80=0.5750749127524342_1605410107647&cd4=Bot&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=France&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=IDF&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&cd51=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&z=466635086

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 01:25:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6555
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WR118b.js Show response
cdnssl.clicktale.net/www/ 113 KB
36 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2a0::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/WR118b.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79e7bbd861755f670d155016146c3f83f61661eb20495627266a5e6569c1bc03

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hgVr5a.ukRqk_sVg8uIRfAQucofhpJuo
content-encoding: gzip
etag: "534d1584b1a61113afdd74bb0ae033aa"
x-amz-request-id: 56966A246C949E3C
status: 200
content-length: 36419
x-amz-id-2: 5+6x4s/kzO+8kOEW4pQ7Cz5NXa8QeL0yKNjiVauGFyDCwSgKW6XqdNis+sMIB6vWw35vwjSBIzE=
last-modified: Thu, 29 Oct 2020 12:52:34 GMT
server: AmazonS3
date: Sun, 15 Nov 2020 03:15:08 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Nov 2021 03:15:08 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
101 B 276ms
92ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&0&0&0&264&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:08 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 58a9fb59-29bb-4e0b-b9ea-3ab152477131
https://blogs.akamai.com/ 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/58a9fb59-29bb-4e0b-b9ea-3ab152477131
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 37ms
36ms Image
image/gif 34.253.21.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.33.0&pid=4400&uu=ded7c8ef-127f-a58e-988f-adb6e7a931e5&sn=1&pn=1&dv=N4IgggQgsg%2BgIhGBJAdgMwPYCcC2BDAFwEsMUACAGQFMA3KgGxAC4QI8BnIgYxABpxo8RGACuAEyJUUXKs1YYCIAL5AAAA%3D%3D&r=443211
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.21.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-21-206.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 03:15:08 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-54527f043b9dd729/ 12 KB
2 KB 177ms
175ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-54527f043b9dd729/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:09 GMT
content-encoding: gzip
etag: 1540161347--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=53, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1586

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 199ms
190ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fb09d3b48039360&bkl=0&bl=1&pdt=100&sid=5fb09d3b48039360&pub=ra-54527f043b9dd729&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=blogs.akamai.com&fp=2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Magecart%2CIn-browser%20security%2Cclient-side%20protection%2Cweb%20skimming%2Cformjacking%2CPage%20Integrity%20Manager%2CMagecart%2CIn-browser%20security%2Cclient-side%20protection%2Cweb%20skimming%2Cformjacking%2CPage%20Integrity%20Manager&colc=1605410108929&jsl=8193&uvs=5fb09d3b003a6aab000&skipb=1&callback=addthis.cbs.jsonp__137972886902973930
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 83782d20c320820f80a45da8c9ad6a5ef71346b29545c7beeb893abb8c9dd5f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 15 Nov 2020 03:15:09 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 08EE 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8CCB 0
0 30ms
29ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 15 Nov 2020 03:15:08 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 195ms
144ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Sun, 15 Nov 2020 03:15:09 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 99a6b1c27f65f1527487d44dfa0c9474
x-transaction: 004dbe5200b8f082
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/135745/ 0
269 B 6ms
6ms Image
text/html 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/135745/b?dE=48&cS=48&cE=69&rqS=69&rsS=88&rsE=93&sS=53&dl=91&di=597&fp=447&dlS=597&dlE=597&dc=2147&leS=2148&leE=2208&to=&ol=0&cr=4&mt=&mb=&b=273&u=https%3A//blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.16.186.181&t=&rid=e949f5f&r=31714&akM=&akN=ae&vc=14:17&bpcip=ag1z17ozci&akTX=1&akTI=e949f5f&ai=197727&pmgn=rumBlogsAkamaiCom&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Nov 2020 03:15:09 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Sun, 15 Nov 2020 03:15:09 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 27ms
25ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Sun, 15 Nov 2020 03:15:09 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
BLOB 200
OK 2740ee5d-3a03-4259-8f69-aeebe9beb9f8
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/2740ee5d-3a03-4259-8f69-aeebe9beb9f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK 2d45c495-5558-45d9-8eb2-c57901655bf4
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/2d45c495-5558-45d9-8eb2-c57901655bf4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 89ms
89ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Sun, 15 Nov 2020 03:15:09 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
320 B 88ms
84ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
last-modified: Sun, 15 Nov 2020 02:00:00 GMT
server: nginx/1.15.8
date: Sun, 15 Nov 2020 03:15:09 GMT
status: 200
content-type: application/json
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-transform, max-age=0, s-maxage=300
access-control-allow-credentials: true
content-length: 2

GET
BLOB 200
OK 447a4540-e683-4da5-a628-55fe789ebb53
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/447a4540-e683-4da5-a628-55fe789ebb53
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK 2b514854-f224-49b8-b704-73a16093e470
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/2b514854-f224-49b8-b704-73a16093e470
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=Microdata&if=false&ts=1605410109580&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog%22%2C%22meta%3Adescription%22%3A%22A%20new%20skimmer%20attack%20was%20discovered%20this%20week%2C%20targeting%20various%20online%20e-commerce%20sites%20built%20with%20different%20frameworks.%20As%20of%20the%20writing%20of%20this%20blog%20post%2C%20the%20attack%20is%20still%20active%20and%20exfiltrating%20data.%22%2C%22meta%3Akeywords%22%3A%22Magecart%2C%20In-browser%20security%2C%20client-side%20protection%2C%20web%20skimming%2C%20formjacking%2C%20Page%20Integrity%20Manager%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605410107972.1499735728&it=1605410107774&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 03:15:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 15 Nov 2020 03:15:09 GMT

GET
BLOB 200
OK c99e9754-e25d-4de4-a6f8-1379a3416bf5
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/c99e9754-e25d-4de4-a6f8-1379a3416bf5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 95ms
92ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&1&3&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:09 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 98ms
96ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&2&5&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:09 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 93ms
92ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&3&4&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:09 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 155ms
155ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&4&2&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:09 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 188ms
188ms XHR
text/plain 35.172.25.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3036605783015969&25500&11&5&1&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.25.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-25-79.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 03:15:10 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blogs.akamai.com/	1970-01-19 13:56:51	Name: __atuvs Value: 5fb09d3b003a6aab000
blogs.akamai.com/	1970-01-19 23:25:38	Name: __atuvc Value: 1%7C47
.akamai.com/	1970-01-19 22:42:26	Name: __CT_Data Value: gpv=1&ckp=tld&dm=akamai.com&apv_25500_www14=1&cpv_25500_www14=1&rpv_25500_www14=1
.akamai.com/	1970-01-19 14:40:02	Name: _CT_RS_ Value: Recording
blogs.akamai.com/	1970-01-19 14:40:02	Name: clientId Value: 392554204.1605410107
.akamai.com/	1970-01-19 13:56:51	Name: _cs_s Value: 1.1
.akamai.com/	1970-01-19 23:26:14	Name: _cs_id Value: ded7c8ef-127f-a58e-988f-adb6e7a931e5.1605410108.1.1605410108.1605410108.1.1639574108164.Lax.0
.akamai.com/	1970-01-20 07:28:02	Name: _mkto_trk Value: id:642-SKN-449&token:_mch-akamai.com-1605410107997-72010
.akamai.com/	1970-01-19 16:06:26	Name: _fbp Value: fb.1.1605410107972.1499735728
.akamai.com/	1970-01-19 22:42:26	Name: WRUID20200910 Value: 3036605783015969
.akamai.com/	1970-01-19 13:56:50	Name: _dc_gtm_UA-34796267-1 Value: 1
.akamai.com/	1970-01-19 13:56:51	Name: _cs_mk Value: 0.5750749127524342_1605410107647
.akamai.com/	1970-01-19 23:26:14	Name: _cs_c Value: 1
.akamai.com/	1970-01-19 16:06:26	Name: _gcl_au Value: 1.1.2125101592.1605410108
.akamai.com/	1970-01-19 13:56:50	Name: _gat Value: 1
.akamai.com/	1970-01-19 13:56:57	Name: ak_bmsc Value: 19F5EA340C94394427A8ED7CA14CDCAA0210BAB5352A00003A9DB05FF12BC644~pldLqDWZ9L9Vck2yzF4K51MlpkqpcOKh1CCsfBhXWonhc8vfLc0n2Uun2hGhmECFgqMQbmtTpzm5Y4fjKQHJGx0kl0YZoXUJQRuMSR2v0BnzdGoB8eUTUnd7bYC3uFC83iNzb+0iunDDbeZMNKwanrSM4S2yLPtIMVntKzAPUUssEWIHYZTePyb4sz4nvVkoKoeu9OlAQWYkLiz32IiBTKOpDlT5iZsbAxdKk15x0r4g0=
.akamai.com/	1970-01-19 13:58:16	Name: _gid Value: GA1.2.1797697961.1605410107
.akamai.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D
.blogs.akamai.com/	1970-01-19 22:42:26	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Nov+15+2020+04%3A15%3A07+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&consentId=6494a013-c87e-461d-aa3c-0a09e07ddab7&interactionCount=0&landingPath=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1
.akamai.com/	1970-01-20 07:28:02	Name: _ga Value: GA1.2.392554204.1605410107

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html(Line 1829) Message: null
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 642-SKN-449 [object Object]
console-api	debug	(Line 1) Message: * ga found *
console-api	debug	(Line 1) Message: * client id tag fired *
console-api	debug	(Line 2) Message: * Client Id - 392554204.1605410107 is set to cookie *
console-api	debug	(Line 2) Message: * Client Id - 392554204.1605410107 is added to global var *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

642-skn-449.mktoresp.com
analytics.twitter.com
api-public.addthis.com
api.company-target.com
attr.ml-api.io
blogs.akamai.com
c.clicktale.net
cdn.cookielaw.org
cdnssl.clicktale.net
connect.facebook.net
ds-aksb-a.akamaihd.net
googleads.g.doubleclick.net
ing-district.clicktale.net
m.addthis.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
s.ml-attr.com
s7.addthis.com
scripts.demandbase.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
v1.addthisedge.com
www.akamai.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
s7.addthis.com
104.111.241.218
104.244.42.195
104.244.42.69
104.75.88.112
143.204.215.100
143.204.215.63
151.101.112.157
172.217.18.162
185.33.221.88
192.28.144.124
2.18.235.40
2606:4700::6810:9540
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9c
2a02:26f0:6c00:28c::6a3
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:297::2469
2a02:26f0:6c00:2a0::2db0
2a02:26f0:6c00::210:ba58
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.253.21.206
35.172.25.79
54.171.14.147
54.239.192.123
54.239.192.38
68.67.153.60
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907
10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
148ae7de691df4474ce5a8711290a89434480f03a4f56fed93c0d3198466cb9f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19219f72fd4543cecc1d8b29990dbad3d015c4d0e380c9dce85a3302d456ce1e
1e2942cee7c1918b78c99fef5e4e14353452aa940a2340e378473392bc1508dc
2552a1c26b2d60701545353debfa1de8386b583969d0fd961796bcee9fe6bf44
29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c
2a7af71edf6d8f39d2c39679cf0ba2f52b10f72a82be4ea866e97590f7be850e
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c
375b990e5422e1ba8307db7b5c67975b2e3667b0b1bdc9469345cfb6b2a963ef
3b22ee26f24258ced44341fca66e9e8dc7037cc531ce7229d0eb70a78b7e7113
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dbb8c3acfe4fbeb258194c9f772218f7d4b825c0a7c96650dffe47f81495b19
3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368
42004773101c4797209f723da0d0bc72d504a0a5cc0c8ec05211a10c58ac0191
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
4ea2958d7ec4ed3e4e29d5398463fd4196e128795eb99b467cd548aff6495b63
533a3c28a3967a637a86822731f6ae063c9adc4210de1ce3a8aefd9961577cdd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e0dea7631b5f30523b0e56256fb2b7d9b6dd02d4bc98556de875d6e53637802
5ea7c7f59e99dfc7785f9ffefd329d64023dd97b9b27c1c12835fada874279a8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1
68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2
6ec3ee32d1247df1e638ba7c2ee725916ba461173c1fb0eed726398ad761b42b
725a6e06c6c4db64af816ee1d9f6a82d1d5c99439c2ffe3cd1a58413c736946a
73e1939abae8a1f61155fb609ea6ea8dbb987aa9f16b23dd9f3dbd65c78ff68d
74947c105fbe072189e449936e31c01048e8d20ea4137098eff1b1fdc09ec3c3
780ea58d20d64c191392bd73c0aa82de2f2d1164da02e3f50bfc8b1587688d01
78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90
79e7bbd861755f670d155016146c3f83f61661eb20495627266a5e6569c1bc03
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83782d20c320820f80a45da8c9ad6a5ef71346b29545c7beeb893abb8c9dd5f4
837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f32e9d2bc90eba7d310965d6c3e53837e2a8681c2fc3aa710b474a8e4a7046
92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f
943bf13a74414d92ca5351ee76bb447f6d251b4de19a82f0160f2450de186402
94b8297f3fb848f41fa988ebc575f65c4aa2e458f04dba48025287249bcba66f
9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557
9b28e38e151bcfc7e99f314fb6208cdf4dccb19532794a087fd06d08e8ad9c52
9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
9e03a63a27af3ed05eadbfdb9d7de4ccbfe24adadfa2c3390c70dc09bbd729fb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a18b0199e70400fc2a7ece734ddafcb9bf6a4d7998910e25166cb6eebdfb5ded
a1f08a0ffef73b63bbb91e8205a1d4560cc8ee214855558336f9d0473a20da26
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a9dc975308ae1e0ba49e3cf0cc63c99f9e13a130898abc11746b7e1a4e749471
aae274ea0ffe43e0504cf9d70015a59dd87b20713c1061f8ed91f0c738262771
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71
b3d0954dce6e71682556b1c8ccaabb10adfb2ff8d6c1dd5c6a989660dcfa967b
b458ee55ed784747e997d444d829a353186fa44f5762afe54c626b9fcec8aef5
bb26b55b6ad213db632a6a4cde85e187746648f0feef6e2eaaed82ee5ec111e2
c1ce34720ab476653c4261c268701931bfd437ce6701e18a131a7c6abc37b7b5
c52b6154710730fad4aea6cfd15cfd7226a6301285655980feff5cca135bb8c4
caad3eb3537eefdd9a3e97b626e5cdaadc483894c7aa556f6824fb1a0cf13769
d0b69006ced59bc683ec91dfa4c2647931b7f9e2fb0b28fb4aad32b3eb56747b
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d24692e3fe5375d0ca9328ac0ce5ac7c3fb5002b9859b3030db1529de61e4c41
d327bc6cab8bbd2cc9cb1190c836e414b1c13ba03fd05c1f7e4adca28af12968
d69daccb0fc6797291cf45920cd24cc6876a52ed13a6ae5d76fc598d86c16619
da19a0ad5bc11f470b286a87017889c2a95e351bf5ad91327c07f488ff958a93
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4f900e261a4e95471b85d1b1a97e796c1de085fe6e3db2bd7bb7b3b5bb1e507
e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e
e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a
ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80
edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f32102e74e82fcae9c748b45d50ba0f5c112b60984f47db9eba4c1020770ef7f
f8b2738e130b776517f2ea440e738df920492b1445191f068bcec61511e9d5fc
f8e55488b7aab65a10ccfaa3990a2915d64c722d9b8bf384cd346a04fc511a0b
fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914
fbd7dc11673944c030c85b314432593439647c0c602eee37dee363c2644465e4

blogs.akamai.com Open in urlscan Pro 2a02:26f0:6c00:297::2469 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

119 Requests

92 %HTTPS

48 %IPv6

28 Domains

36 Subdomains

30 IPs

6 Countries

3037 kBTransfer

6324 kBSize

20 Cookies

74 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:297::2469 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

92 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

30
IPs

6
Countries

3037 kB
Transfer

6324 kB
Size

20
Cookies

119 HTTP transactions
2 data transactions