Submitted URL: https://outreach.bitsighttech.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO2DUFZRW63JPMJWG6ZZPG...
Effective URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Submission: On August 28 via api from US — Scanned from DE

Summary

This website contacted 48 IPs in 4 countries across 40 domains to perform 136 HTTP transactions. The main IP is 2606:4700:10::6816:4bf2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bitsight.com.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.
This is the only time www.bitsight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.4.159.196 14618 (AMAZON-AES)
1 1 52.58.159.139 16509 (AMAZON-02)
28 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 13.224.189.13 16509 (AMAZON-02)
5 152.195.15.58 15133 (EDGECAST)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
1 216.200.232.249 6461 (ZAYO-6461)
1 18.245.46.44 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 18.193.212.223 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 151.101.65.140 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.96.71.22 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
1 18.66.102.75 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 52.50.95.132 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2600:9000:249... 16509 (AMAZON-02)
3 6 185.89.210.20 29990 (ASN-APPNEX)
2 2 52.213.41.47 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 34.107.254.252 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.49.241.189 396982 (GOOGLE-CL...)
2 2600:9000:204... 16509 (AMAZON-02)
1 1 50.18.136.92 16509 (AMAZON-02)
1 1 52.42.11.125 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.2.126.120 14618 (AMAZON-AES)
8 3.88.83.211 14618 (AMAZON-AES)
1 34.213.234.25 16509 (AMAZON-02)
1 18.154.22.21 16509 (AMAZON-02)
136 48
Apex Domain
Subdomains
Transfer
28 bitsight.com
www.bitsight.com
285 KB
16 audioeye.com
wsmcdn.audioeye.com — Cisco Umbrella Rank: 10943
wsv3cdn.audioeye.com — Cisco Umbrella Rank: 7253
analytics.audioeye.com — Cisco Umbrella Rank: 8361
334 KB
11 trendemon.com
assets.trendemon.com — Cisco Umbrella Rank: 246335
trackingapi.trendemon.com — Cisco Umbrella Rank: 210305
pic.trendemon.com — Cisco Umbrella Rank: 567946
72 KB
8 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 4307
api.permutive.com — Cisco Umbrella Rank: 3370
81 KB
8 typekit.net
p.typekit.net — Cisco Umbrella Rank: 1499
use.typekit.net — Cisco Umbrella Rank: 1178
183 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
ib.adnxs.com — Cisco Umbrella Rank: 383
6 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
ssl.google-analytics.com — Cisco Umbrella Rank: 951
region1.google-analytics.com — Cisco Umbrella Rank: 3123
38 KB
5 affec.tv
go.affec.tv — Cisco Umbrella Rank: 12304
map.go.affec.tv — Cisco Umbrella Rank: 12931
4 KB
5 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688
10 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
2 KB
4 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 17231
26 KB
4 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 4912
40 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 1042
a26349430206.cdn.optimizely.com
logx.optimizely.com — Cisco Umbrella Rank: 2460
90 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
315 KB
2 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 5359
forms.hubspot.com — Cisco Umbrella Rank: 11636
3 KB
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2669
api.company-target.com — Cisco Umbrella Rank: 9578
2 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3241
alb.reddit.com — Cisco Umbrella Rank: 1969
761 B
2 demandbase.com
tag.demandbase.com — Cisco Umbrella Rank: 14344
tag-logger.demandbase.com — Cisco Umbrella Rank: 13079
21 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 gstatic.com
fonts.gstatic.com
14 KB
1 liadm.com
i.liadm.com — Cisco Umbrella Rank: 937
180 B
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 14824
780 B
1 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 13438
273 B
1 intentsify.io
tracking.intentsify.io — Cisco Umbrella Rank: 97005
573 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
149 B
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 26454
267 B
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 11009
92 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
26 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
28 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1352
98 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
246 B
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 10891
2 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 4337
712 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
1 KB
1 fontawesome.com
ka-p.fontawesome.com — Cisco Umbrella Rank: 6252
15 KB
1 salesloft.com
app.salesloft.com — Cisco Umbrella Rank: 275460
721 B
1 bitsighttech.com
outreach.bitsighttech.com
530 B
136 40
Domain Requested by
28 www.bitsight.com www.bitsight.com
14 wsv3cdn.audioeye.com wsmcdn.audioeye.com
wsv3cdn.audioeye.com
8 trackingapi.trendemon.com assets.trendemon.com
7 api.permutive.com cdn.bizible.com
7 use.typekit.net www.bitsight.com
5 secure.adnxs.com 3 redirects www.bitsight.com
5 tags.srv.stackadapt.com www.bitsight.com
tags.srv.stackadapt.com
cdn.bizible.com
4 cdn.bizible.com www.googletagmanager.com
www.bitsight.com
cdn.bizible.com
4 consent.trustarc.com www.googletagmanager.com
consent.trustarc.com
www.bitsight.com
3 px.ads.linkedin.com 1 redirects cdn.bizible.com
3 go.affec.tv www.googletagmanager.com
go.affec.tv
3 www.googletagmanager.com www.bitsight.com
www.googletagmanager.com
2 assets.trendemon.com www.bitsight.com
assets.trendemon.com
2 logx.optimizely.com cdn.bizible.com
2 region1.google-analytics.com www.googletagmanager.com
2 map.go.affec.tv 2 redirects
2 region1.analytics.google.com www.googletagmanager.com
2 ssl.google-analytics.com www.bitsight.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com
1 pic.trendemon.com
1 analytics.audioeye.com wsv3cdn.audioeye.com
1 i.liadm.com
1 a.remarketstats.com 1 redirects
1 a.usbrowserspeed.com 1 redirects
1 tracking.intentsify.io 1 redirects
1 forms.hubspot.com cdn.bizible.com
1 wsmcdn.audioeye.com www.bitsight.com
1 track.hubspot.com
1 ib.adnxs.com cdn.bizible.com
1 cdn.permutive.com go.affec.tv
1 match.adsrvr.org www.bitsight.com
1 tag-logger.demandbase.com cdn.bizible.com
1 px4.ads.linkedin.com www.bitsight.com
1 cdn.bizibly.com www.bitsight.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 api.company-target.com tag.demandbase.com
1 id.rlcdn.com www.bitsight.com
1 s.company-target.com tag.demandbase.com
1 www.google.de www.bitsight.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 alb.reddit.com www.bitsight.com
1 pixel-config.reddit.com www.redditstatic.com
1 p.typekit.net www.bitsight.com
1 ws.zoominfo.com www.bitsight.com
1 tag.demandbase.com www.bitsight.com
1 pixel.mathtag.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 a26349430206.cdn.optimizely.com cdn.optimizely.com
1 js.hs-scripts.com www.bitsight.com
1 cdn.optimizely.com www.bitsight.com
1 ka-p.fontawesome.com
1 app.salesloft.com 1 redirects
1 outreach.bitsighttech.com 1 redirects
136 57
Subject | Issuer | Validity | Valid
bitsight.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-01-27 | 6 months
cdn.optimizely.com | WE1 | 2024-08-23 - 2024-11-21 | 3 months
hs-scripts.com | WE1 | 2024-07-29 - 2024-10-27 | 3 months
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.trustarc.com | Amazon RSA 2048 M02 | 2024-03-16 - 2025-04-14 | a year
io.bizible.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-07 - 2025-07-08 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-23 - 2024-11-18 | 6 months
*.mathtag.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-23 - 2025-04-30 | a year
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-27 - 2025-09-28 | a year
zoominfo.com | E5 | 2024-08-14 - 2024-11-12 | 3 months
*.srv.stackadapt.com | Amazon RSA 2048 M02 | 2024-08-09 - 2025-09-07 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-27 - 2025-09-27 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
*.g.doubleclick.net | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.google.de | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.company-target.com | R11 | 2024-08-15 - 2024-11-13 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-06 - 2025-03-05 | a year
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-13 - 2025-09-14 | a year
hs-analytics.net | WE1 | 2024-08-09 - 2024-11-07 | 3 months
hs-banner.com | WE1 | 2024-07-27 - 2024-10-25 | 3 months
hsleadflows.net | WE1 | 2024-07-31 - 2024-10-29 | 3 months
affec.tv | Amazon RSA 2048 M02 | 2024-06-10 - 2025-07-09 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-08-27 - 2025-02-27 | 6 months
*.demandbase.com | Amazon RSA 2048 M02 | 2024-06-10 - 2025-07-08 | a year
permutive.com | Cloudflare Inc ECC CA-3 | 2023-12-26 - 2024-12-25 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
api.permutive.com | R11 | 2024-08-19 - 2024-11-17 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2024-01-06 - 2024-12-31 | a year
wsmcdn.audioeye.com | WE1 | 2024-08-09 - 2024-11-07 | 3 months
wsv3cdn.audioeye.com | WE1 | 2024-07-15 - 2024-10-13 | 3 months
logx.optimizely.com | WR3 | 2024-07-20 - 2024-10-18 | 3 months
*.trendemon.com | SSL.com RSA SSL subCA | 2024-06-18 - 2025-06-18 | a year
report-prod.audioeye.com | Amazon RSA 2048 M03 | 2024-08-18 - 2025-09-17 | a year

This page contains 4 frames:

Primary Page: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Frame ID: 2F4825C941380AD10032A81FF145E999
Requests: 132 HTTP requests in this frame

Frame: https://a26349430206.cdn.optimizely.com/client_storage/a26349430206.html
Frame ID: 5EBF0B1438006BCE48E9F6064742DC2C
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 570E1D64FEE8498A04DE37152D7778D0
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=bf8f99d
Frame ID: 7D1D7CFE3CB6565A899CD9AF17A389AE
Requests: 1 HTTP requests in this frame

Page Title

7777 Botnet – Insights into a Multi-Target Botnet | Bitsight

Page URL History

  1. https://outreach.bitsighttech.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO... HTTP 302
    https://app.salesloft.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO... HTTP 302
    https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 136
HTTPS: 95 %
IPv6: 53 %
Domains: 40
Subdomains: 57
IPs: 48
Countries: 4
Transfer: 1716 kB
Size: 4986 kB
Cookies: 79

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://outreach.bitsighttech.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO2DUFZRW63JPMJWG6ZZPG43TONZNMJXXI3TFOQWWS3TTNFTWQ5DTFVWXK3DUNEWXIYLSM5SXILLCN52G4ZLU/MMYTQZJQMI2WGMLFME4WKNZZHAYDANRXGFRDQYRYGEYDEZBWMQ2DKZBRME4DKNBY/www-bitsight-com-blog-7777-botnet-insights-multi-target-botnet HTTP 302
    https://app.salesloft.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO2DUFZRW63JPMJWG6ZZPG43TONZNMJXXI3TFOQWWS3TTNFTWQ5DTFVWXK3DUNEWXIYLSM5SXILLCN52G4ZLU/MMYTQZJQMI2WGMLFME4WKNZZHAYDANRXGFRDQYRYGEYDEZBWMQ2DKZBRME4DKNBY/www-bitsight-com-blog-7777-botnet-insights-multi-target-botnet HTTP 302
    https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&e_ipv6=AQKfJ2fEDiDS4QAAAZGWueAOMmm8Qa2qMG2M4jZAMd335_YYViFOCZW79tS1FIL82Aivb-HTgUUpE-BtUd6MTGZbWHT7IA
Request Chain 79
  • https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1718952&order_id=%5BORDER_ID%5D&seg=34797513&t=1&value=%5BREVENUE%5D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718952%26order_id%3D%255BORDER_ID%255D%26seg%3D34797513%26t%3D1%26value%3D%255BREVENUE%255D
Request Chain 81
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent= HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66ce8599cf3c7800010397ec%26chc%3Daf%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/5191495850101263159?ch=66ce8599cf3c7800010397ec&chc=af&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
Request Chain 84
  • https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1718953&order_id=%5BORDER_ID%5D&seg=34797516&t=1&value=%5BREVENUE%5D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718953%26order_id%3D%255BORDER_ID%255D%26seg%3D34797516%26t%3D1%26value%3D%255BREVENUE%255D
Request Chain 105
  • https://tracking.intentsify.io/page-tracking/intentsify-bitsight/https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet HTTP 302
  • https://a.usbrowserspeed.com/cs?pid=5476ad7fb254ae8ddffd9ee34e77cfbb0c895c04783f2a615f8a1341878ee532&puid=e08d179f-8f0c-48f6-a717-2107fc5454fb-intentsify-bitsight HTTP 302
  • https://a.remarketstats.com/px/li-co/ HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e87ce2d8-5150-471b-a93f-ec9a33264aea&ccid=e87ce2d8-5150-471b-a93f-ec9a33264aea&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d59ee852e%252d52a9%252d51bc%252d88c1%252dcadebea964dd

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 7777-botnet-insights-multi-target-botnet
www.bitsight.com/blog/
Redirect Chain
  • https://outreach.bitsighttech.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO2DUFZRW63JPMJWG6ZZPG43TONZNMJXXI3TFOQWWS3TTNFTWQ5DTFVWXK3DUNEWXIYLSM5SXILLCN52G4ZLU/MMY...
  • https://app.salesloft.com/t/9165/sc/59700d00-21e1-417a-a1ea-4b772febe426/NB2HI4DTHIXS653XO4XGE2LUONUWO2DUFZRW63JPMJWG6ZZPG43TONZNMJXXI3TFOQWWS3TTNFTWQ5DTFVWXK3DUNEWXIYLSM5SXILLCN52G4ZLU/MMYTQZJQMI2...
  • https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
124 KB
20 KB
Document
General
Full URL
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3182cda2f077ddc6056538de879b93d0b22745ca7e768796050a110123060
Security Headers
Name Value
Content-Security-Policy report-uri /report-csp-violation
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
44828
cache-control
max-age=31536000, public
cf-cache-status
DYNAMIC
cf-ray
8ba0ba979d0ad350-FRA
content-encoding
br
content-language
en
content-security-policy
report-uri /report-csp-violation
content-type
text/html; charset=UTF-8
date
Wed, 28 Aug 2024 02:04:08 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 27 Aug 2024 13:36:33 GMT
link
<analytics.google.com>; rel="dns-prefetch", <js.driftt.com>; rel="dns-prefetch", <rackingapi.trendemon.com>; rel="dns-prefetch", <tags.srv.stackadapt.com>; rel="dns-prefetch", <cdn.optimizely.com>; rel="dns-prefetch", <js.hs-scripts.com>; rel="dns-prefetch", <logx.optimizely.com>; rel="dns-prefetch", <metrics.hotjar.io>; rel="dns-prefetch", <bootstrap.driftapi.com>; rel="dns-prefetch", <ka-p.fontawesome.com>; rel="dns-prefetch", <audioeye.com>; rel="dns-prefetch", <googletagmanager.com>; rel="dns-prefetch", <permutive.com>; rel="dns-prefetch", <hotjar.com>; rel="dns-prefetch", <analytics.google.com>; rel="preconnect", <js.driftt.com>; rel="preconnect", <rackingapi.trendemon.com>; rel="preconnect", <consent.trustarc.com>; rel="preconnect", <cdn.optimizely.com>; rel="preconnect", <js.hs-scripts.com>; rel="preconnect", <metrics.hotjar.io>; rel="preconnect", <logx.optimizely.com>; rel="preconnect", <bootstrap.driftapi.com>; rel="preconnect", <ka-p.fontawesome.com>; rel="preconnect", <tags.srv.stackadapt.com>; rel="preconnect", <audioeye.com>; rel="preconnect", <googletagmanager.com>; rel="preconnect", <permutive.com>; rel="preconnect", <hotjar.com>; rel="preconnect", <https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2>; rel="prefetch", <https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-light-300-0.woff2>; rel="prefetch", <https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2>; rel="prefetch", <https://kit.fontawesome.com/bc8e4d7021.js>; rel="prerender", <https://js-agent.newrelic.com/nr-rum-1.255.0.min.js>; rel="prerender"
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
surrogate-key
tilu alec 15nq bh81 g521 135a t5be 1rv1 4iqj 2h09 k5im 7bmp epgs ffa2 tapm s1so lgqj d7d6 1971 6ehj gaf3 7363 0e7p knej sheu khoj 4n5i cj78 vja0 ka5u 78t5 6dsl ldc7 snk9 tib3 rjqv tjhs n16q 5m0j keo3 rl04 p93v vcdf e79l u1q5 gsd9 993f lira nl66 jro7 in6f 3t5u gff7 1cn6 h29v gj1q o1kn l5sq 4usq 3a5l ioq1 gk6q vd14 fu9a 9vv1 pl46 hkp0 g1ao 5q76 m3h4 c5l7 e015 p82o 6p2s v10q e2u6 b21s 73r4 te31 6u10 8oji bsc4 ptd2 i1hh m4ma 704t l0o5 ebeg 601f kfqg eit7 ig0p 4fu4 vq51 oauf snab trke e1j3
vary
Cookie,Accept-Encoding
via
varnish
x-ah-environment
prod
x-cache
HIT
x-cache-hits
405
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-request-id
v-6f8044fc-6479-11ef-9b35-4b8bb5d6b098
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-security-policy-report-only
default-src 'self' https: blob: data:; img-src 'self' https: http:; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 02:04:07 GMT
location
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-entry-cluster
k8s-euro-pop-2
x-entry-pop
eu-central-1
x-frame-options
SAMEORIGIN
x-global-request-start
t=1724810647.952
x-permitted-cross-domain-policies
none
x-request-id
a39dfc336df92ea8508292fc1c02eaee
x-runtime
0.059835
x-xss-protection
1; mode=block
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/
0
14 KB
Other
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:12:07 GMT
x-content-type-options
nosniff
age
154321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13976
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:12:07 GMT
pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
0
15 KB
Other
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-light-300-0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:08 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:16 GMT
server
cloudflare
age
12729168
etag
"660c2974-3c34"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8ba0ba9b2a813641-FRA
content-length
15412
26349430206.js
cdn.optimizely.com/js/
294 KB
89 KB
Script
General
Full URL
https://cdn.optimizely.com/js/26349430206.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae9323e97db5aa486b9566ca0610adf0e575b702466a723ce7b56a3663b9a84

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
date
Wed, 28 Aug 2024 02:04:08 GMT
content-encoding
gzip
x-amz-version-id
IThdhO03sMFUCgd1zI3NwpXZyVUanb9g
cf-cache-status
HIT
x-amz-request-id
NCMFV9792BATCEGC
x-amz-server-side-encryption
AES256
x-amz-meta-revision
4170
x-amz-replication-status
PENDING
content-length
90859
x-amz-id-2
Wy8IXNgdqJzdncV8i3rsRp/jzwtzC1j+Hss0dI9EMH8fjQk0Kd0kFFGaLXe1GrG2B/DItKjbO2lePu4I2/BqRY83XRYqeq3C
last-modified
Wed, 28 Aug 2024 01:37:12 GMT
server
cloudflare
etag
"9c7e1c20b5b84131b792eee11c4de2fb"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
cf-ray
8ba0ba9b094cd205-FRA
css_mT6sbLnulGtVrkmTjCmqKHsTxfb49JSAAmnNKfrcMn0.css
www.bitsight.com/sites/default/files/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.bitsight.com/sites/default/files/css/css_mT6sbLnulGtVrkmTjCmqKHsTxfb49JSAAmnNKfrcMn0.css?delta=0&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9f95cd98279def71cf5279f01539030d309444815b54309fe6b692a40c3bc8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Tue, 19 Aug 2025 12:48:54 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
via
varnish
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
1331
x-request-id
v-733700dc-5e29-11ef-8f28-a74ebcf22fc0
last-modified
Mon, 19 Aug 2024 12:48:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9ae966d350-FRA
x-cache-hits
1008
css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css
www.bitsight.com/sites/default/files/css/
87 KB
13 KB
Stylesheet
General
Full URL
https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40067388c9f58d4054ca0820e778a4dc7fc9f438096472757602b05c33dc78b4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Tue, 19 Aug 2025 12:49:19 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
via
varnish
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
13219
x-request-id
v-64394b58-5e29-11ef-8fbb-eb07a0accee3
last-modified
Mon, 19 Aug 2024 12:48:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9ae968d350-FRA
x-cache-hits
1022
Products_EnterpriseSecurity.svg
www.bitsight.com/sites/default/files/2024/04/27/
994 B
625 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Products_EnterpriseSecurity.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa835bf336518ca4931e778fb197ec61619cffb788dd165101fd75a72e8501c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:05 GMT
date
Wed, 28 Aug 2024 02:04:08 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
0
x-cache
HIT
x-ah-environment
prod
x-request-id
v-6d48b346-500a-11ef-92c5-0360dfd4fdfe
last-modified
Sat, 27 Apr 2024 17:46:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9ae969d350-FRA
x-cache-hits
31228
Products_DigitalSupplyChainSecurity.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
499 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Products_DigitalSupplyChainSecurity.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ec3af317f66e55cf146dae21f89cefe57f554f4578b6f3cc2725556f6e4568
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:05 GMT
date
Wed, 28 Aug 2024 02:04:08 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
0
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4d9e01c2-500a-11ef-8a2c-e30a1be3abdc
last-modified
Sat, 27 Apr 2024 17:48:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9ae96bd350-FRA
x-cache-hits
31398
Products_RiskGovernanceReporting.svg
www.bitsight.com/sites/default/files/2024/04/27/
712 B
434 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Products_RiskGovernanceReporting.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c36cdb108432837c8b0aa93698c722ca46600ccd3b9b291f9525028cc597f0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:59 GMT
date
Wed, 28 Aug 2024 02:04:08 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
0
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e29bb36-500a-11ef-b58a-a3ec8dc05289
last-modified
Sat, 27 Apr 2024 17:50:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9b0985d350-FRA
x-cache-hits
31346
Products_RiskAnalysisData.svg
www.bitsight.com/sites/default/files/2024/04/27/
630 B
395 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Products_RiskAnalysisData.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e157ae234a3355cfdc3c556f5eb217ef5813a52285c7bc076cbcb2f2b051e1fa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:33 GMT
date
Wed, 28 Aug 2024 02:04:08 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
0
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1a057e-500a-11ef-b6b8-17e22fad1fec
last-modified
Sat, 27 Apr 2024 17:52:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9b098bd350-FRA
x-cache-hits
31224
Products_CyberUnderwritingRiskControl.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
779 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Products_CyberUnderwritingRiskControl.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a06c148437510af39e43af96755690d51dade3be7db0e89187a517173a39fee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:06 GMT
date
Wed, 28 Aug 2024 02:04:08 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
0
x-cache
HIT
x-ah-environment
prod
x-request-id
v-5d6eaa34-500a-11ef-adc9-afd3c582c9b5
last-modified
Sat, 27 Apr 2024 17:53:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9b1998d350-FRA
x-cache-hits
31362
Produ_ProfessionalServices.svg
www.bitsight.com/sites/default/files/2024/04/27/
2 KB
1 KB
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Produ_ProfessionalServices.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597eaadaf8ff91a99dd23ce9c48bd76a015abd51b0c84719958a313844852259
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:38 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-6166106e-500a-11ef-a8c9-8fbe6328bb40
last-modified
Sat, 27 Apr 2024 17:53:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b7ad350-FRA
x-cache-hits
31043
Sidebar_LightBulb.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
640 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Sidebar_LightBulb.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7a7368a6cca9fcd7c5f2ec658933e4d659dda40a9252133327a050f7be5822
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:33 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1bcab2-500a-11ef-b357-a76dd8f40b7e
last-modified
Sat, 27 Apr 2024 17:45:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b7cd350-FRA
x-cache-hits
31092
Solutions_UseCases.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
629 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Solutions_UseCases.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc825efbd3a34a29ae7b9bd642d2b255555ec30d23c63404ec5b1fcc7a84a4a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:06 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-635c1968-500a-11ef-96fd-0774b9b4b28b
last-modified
Sat, 27 Apr 2024 17:56:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b7ed350-FRA
x-cache-hits
31028
Solutions_Industries.svg
www.bitsight.com/sites/default/files/2024/04/27/
864 B
510 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Solutions_Industries.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419070443915898c758df09443308ff56b55aaaef50b9e9d2f2d9c1bed232474
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:06 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-5ea299d8-500a-11ef-ae32-1f8e7c84946a
last-modified
Sat, 27 Apr 2024 17:59:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b7fd350-FRA
x-cache-hits
31356
DataInsights_OurData.svg
www.bitsight.com/sites/default/files/2024/04/27/
725 B
537 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/DataInsights_OurData.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe2450ea985e2c9c09a59f572b41bb82c98e2e72e681e56def06dcb5d57d71a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:34 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1960ce-500a-11ef-941a-87b45c62c536
last-modified
Sat, 27 Apr 2024 18:03:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b80d350-FRA
x-cache-hits
31080
DataInsights_ThreatResearch.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
567 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/DataInsights_ThreatResearch.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4313da09ef903b43059f86c88118846f9a01916857b958be35813cec02c4b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:41 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-635cef6e-500a-11ef-9d3b-03ec75d6b576
last-modified
Sat, 27 Apr 2024 18:18:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b81d350-FRA
x-cache-hits
30931
Sidebar_Bell.svg
www.bitsight.com/sites/default/files/2024/04/27/
766 B
508 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Sidebar_Bell.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39623c86e4198f8b41011334fc0449c1f4fc53881eb4319d3abc170ab343b64c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:32:01 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1b367e-500a-11ef-aff7-ff692cc1d873
last-modified
Sat, 27 Apr 2024 18:03:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c5b82d350-FRA
x-cache-hits
30872
Company_AboutUs.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
608 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Company_AboutUs.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f34eb1ce7d0cbd0efad1b6683a8d15e031151f733f85f044fff6b4b066c9b4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:06 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1b258a-500a-11ef-9fff-8b92455c3243
last-modified
Sat, 27 Apr 2024 18:07:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c6b83d350-FRA
x-cache-hits
31030
Company_ConnectWithUs.svg
www.bitsight.com/sites/default/files/2024/04/27/
745 B
424 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Company_ConnectWithUs.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53fe440fd8722dba2c71db5ae5817928330215b74c84a96096231dffde0c4017
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:34 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-4e1b123e-500a-11ef-8cb8-832ef4e47d2a
last-modified
Sat, 27 Apr 2024 18:09:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c6b84d350-FRA
x-cache-hits
31100
Resources_Resources.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
712 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Resources_Resources.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a21545d4225c0181c2c0e7df5e5961abe2d404c65b35ca727c7a55fc4fa7d5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:06 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-5f1cd2de-500a-11ef-a496-ff421805185a
last-modified
Sat, 27 Apr 2024 18:12:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c6b85d350-FRA
x-cache-hits
30949
Resources_Blog.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
601 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Resources_Blog.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1b1b8e566d16455e7a351f87237f103ecd33be8111d4f3448056ef8dd00e04
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:35 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-5f9c5eb4-500a-11ef-9ff5-471e0db35a20
last-modified
Sat, 27 Apr 2024 18:14:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c6b91d350-FRA
x-cache-hits
30714
Sidebar_QuoteBubble.svg
www.bitsight.com/sites/default/files/2024/04/27/
1 KB
672 B
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/04/27/Sidebar_QuoteBubble.svg
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401deae0c12a30d865a0d9d562ae3da5fcbb13d60e196f73d27e3f7a95dc7b2c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:32:01 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
age
1
x-cache
HIT
x-ah-environment
prod
x-request-id
v-6f4e9ba6-500a-11ef-82a4-9f29f0f875a9
last-modified
Sat, 27 Apr 2024 18:16:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8ba0ba9c6b92d350-FRA
x-cache-hits
30820
7777-botnet-hero.webp
www.bitsight.com/sites/default/files/styles/16_9_large_2x/public/2024/08/26/
157 KB
157 KB
Image
General
Full URL
https://www.bitsight.com/sites/default/files/styles/16_9_large_2x/public/2024/08/26/7777-botnet-hero.webp?itok=82sB6a1M
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e651f1816e7e5a3787c5fe3d558f0795375ca8f122e72c78c908940e4c2623c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 27 Aug 2025 12:40:02 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
160888
x-request-id
v-7ae2313c-6471-11ef-a4d5-2beff55a44fc
last-modified
Mon, 26 Aug 2024 14:46:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9c6b93d350-FRA
x-cache-hits
34
email-decode.min.js
www.bitsight.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
818 B
Script
General
Full URL
https://www.bitsight.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2024 12:08:06 GMT
server
cloudflare
content-encoding
gzip
etag
W/"66c5d8a6-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8ba0ba9b29a0d350-FRA
expires
Fri, 30 Aug 2024 02:04:08 GMT
js_AP2kvxsNLJsg4zXPOzLaqYCatLK_UJ-s1xi2NfOpkoc.js
www.bitsight.com/sites/default/files/js/
92 KB
32 KB
Script
General
Full URL
https://www.bitsight.com/sites/default/files/js/js_AP2kvxsNLJsg4zXPOzLaqYCatLK_UJ-s1xi2NfOpkoc.js?scope=footer&delta=0&language=en&theme=bitsight_theme&include=eJxli1sKwCAMwC409UhSa7HFJ1phxx9s-9q-QgjhHdbo6vihxR7J6wTM0tJBpxZp2cW5BxT76hFElyRWr0yV3OooUEyltr-pgrQ7mFA6_k9RMkwQaV6VsjWs
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2785338f57bd8c8bf3e6349d1ad3a7061b4985747fd6c488ddda0a15e9c1bdf3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Tue, 19 Aug 2025 12:48:54 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
via
varnish
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
32455
x-request-id
v-63eb44c6-5e29-11ef-b485-4ffed8c1cb3f
last-modified
Mon, 19 Aug 2024 12:48:10 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9b39bed350-FRA
x-cache-hits
2400
277648.js
js.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/277648.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3692dba7418917418d5324f80916d40f9fcd62d7fe953fc059164d0132974309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a9853e94-ea08-403f-bcb2-1b62e65bc045
cf-polished
origSize=1528
age
1
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a9853e94-ea08-403f-bcb2-1b62e65bc045
cf-bgj
minify
last-modified
Wed, 28 Aug 2024 02:04:08 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.bitsight.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5585666f5f-xw2kk
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8ba0ba9cbc53d236-FRA
expires
Wed, 28 Aug 2024 02:05:39 GMT
js_bpwDy19SJZfRNqjXX764x9ELw_TN9HfTvBxN2g4f5Hg.js
www.bitsight.com/sites/default/files/js/
53 KB
13 KB
Script
General
Full URL
https://www.bitsight.com/sites/default/files/js/js_bpwDy19SJZfRNqjXX764x9ELw_TN9HfTvBxN2g4f5Hg.js?scope=footer&delta=2&language=en&theme=bitsight_theme&include=eJxli1sKwCAMwC409UhSa7HFJ1phxx9s-9q-QgjhHdbo6vihxR7J6wTM0tJBpxZp2cW5BxT76hFElyRWr0yV3OooUEyltr-pgrQ7mFA6_k9RMkwQaV6VsjWs
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19dae6815a4b717bcfb64b68231b424380f6f4e0f6ca043300e205f3199d0136
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Tue, 19 Aug 2025 12:51:21 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
via
varnish
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
13429
x-request-id
v-64c03d8e-5e29-11ef-ae16-c7e4c84b1808
last-modified
Mon, 19 Aug 2024 12:48:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9b39bfd350-FRA
x-cache-hits
2449
gtm.js
www.googletagmanager.com/
424 KB
128 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db7e8a6de6e97cf2fa8d709744e5c4eee295e2962786dbcbbb8da389a70fd1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130311
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 00:52:49 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Aug 2024 02:04:09 GMT
a26349430206.html
a26349430206.cdn.optimizely.com/client_storage/ Frame 5EBF
0
0
Document
General
Full URL
https://a26349430206.cdn.optimizely.com/client_storage/a26349430206.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/26349430206.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
8ba0ba9cd99d18f3-FRA
content-encoding
gzip
content-length
775
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 02:04:09 GMT
etag
"3f467ec943ebc4dc45fdcdc9e7a2a631"
last-modified
Wed, 28 Aug 2024 01:37:09 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
fSiZWtsv4i5UrF/3Fe3fb33woCC7Pw/EgAArljQnddXDskjseFu6Kje9JThWEzieb4PR4mmPff8=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
WDD250S4JY0WQFTH
x-amz-server-side-encryption
AES256
x-amz-version-id
4vBtUSlcpmIXAEB38_S8_Sk_WD59Ti53
notice
consent.trustarc.com/
33 KB
11 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=bitsighttech.com&c=teconsent&js=bb&noticeType=bb&text=true&pn=1&gtm=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-13.fra2.r.cloudfront.net
Software
/
Resource Hash
ad1464ef6f05067a0bee348a1ce3c3f5513a6f621d1b3d67ff994d477d7f7ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
x-amz-cf-id
oOpCRKs82ovMGnT7XZCYIasU8vemNmnFod1HNfav35-OhgQc4TKKKg==
destination
www.googletagmanager.com/gtag/
305 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd35a3d366b444cb0e011e3dbc1dd0270da4f3cd92a158f6741411a4865ac2c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104426
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 02:04:09 GMT
bizible.js
cdn.bizible.com/scripts/
67 KB
25 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA7) /
Resource Hash
2e8710ea8e54e2fa54dbcb5e7de64ed283eea9667cef43953992f5bec6732d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
last-modified
Thu, 22 Aug 2024 19:04:08 GMT
server
ECS (amb/6BA7)
age
17272
etag
"5f38f410c6f4da1:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25393
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=46477
accept-ranges
bytes
content-length
14628
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 01:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2944
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Aug 2024 03:15:05 GMT
destination
www.googletagmanager.com/gtag/
242 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-965095466&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9992a972d47b61dcf0eb7b9e515dac5b13f5076d350ff1d159aa70dffc7c4069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87513
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 00:52:49 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Aug 2024 02:04:09 GMT
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
js
pixel.mathtag.com/event/
161 B
712 B
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=222552
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.249 Frederick, United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
MT3 1637 26565ec master ord ord-pixel-x33 config_version:"2522" /
Resource Hash
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 02:04:09 GMT
Strict-Transport-Security
31536000
Referrer-Policy
strict-origin
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
MT3 1637 26565ec master ord ord-pixel-x33 config_version:"2522"
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Cross-Origin-Resource-Policy
cross-origin
Connection
close
X-XSS-Protection
0
7127e84810857c8d.min.js
tag.demandbase.com/
72 KB
20 KB
Script
General
Full URL
https://tag.demandbase.com/7127e84810857c8d.min.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84d5e9f085c0adf0c27f250e2121f83f603ef49f2eef0a0672ff3c4620adde03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
QAM7FqS.pdilmEkpYk0IqIvm.RgZ83Y7
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 02:04:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Aug 2024 19:17:59 GMT
server
AmazonS3
etag
W/"eb81f3763d9ddfea534f0372863e7025"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
tfwciikYdfFsyDCJmhyG4pvk_zMdhT9XayXt4USFdDf0pDcT4XEF_A==
nB5wHQT3fvQHVI5gp4PL
ws.zoominfo.com/pixel/
3 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/nB5wHQT3fvQHVI5gp4PL
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:752b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
61f063f82aae5e17262c96063a404f2ad171a7f041098022aceccfd7423c1e0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
8ba0ba9d8ce13718-FRA
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 00:51:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 28 Aug 2024 02:51:36 GMT
events.js
tags.srv.stackadapt.com/
22 KB
7 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.212.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-212-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e1046c25ede2dcb4cac3410178dc5d011065c5f0714c41d9906809bc657c0853

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:09 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=dws7syq&ht=tk&f=39488.39489.39490.39491.39492.39493.39494.39495.39496.39497.39498.39499.39500.39501.39502.39503.39504.39505.39506.39507.39508.39509&a=212160357&app=typekit&e=css
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
config
pixel-config.reddit.com/pixels/t2_dy92zhkbx/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_dy92zhkbx/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_dy92zhkbx_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_dy92zhkbx_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1724810649223&id=t2_dy92zhkbx&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=c4a89fd2-0a16-4ebf-a2dd-78589ffce767&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RJ4RWVVWH4&gtm=45je48r0h2v882142918z876025611za200zb76025611&_p=1724810649020&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dNTIxZG&cid=710076879.1724810649&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724810649&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&dt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&en=experience_impression&_fv=1&_nsi=1&_ss=1&ep.exp_variant_string=OPT-30157190592(Q325%20-%20Chatnow%20in%20Utility%20Nav)-30170670191(Chat%20Now)&tfd=2121
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
246 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RJ4RWVVWH4&cid=710076879.1724810649&gtm=45je48r0h2v882142918z876025611za200zb76025611&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RJ4RWVVWH4&cid=710076879.1724810649&gtm=45je48r0h2v882142918z876025611za200zb76025611&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1717206333
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1.7-230
consent.trustarc.com/asset/notice.js/v/
93 KB
28 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-230
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=bitsighttech.com&c=teconsent&js=bb&noticeType=bb&text=true&pn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-13.fra2.r.cloudfront.net
Software
/
Resource Hash
f2769341fbf31a14e512d5b4138e93597e2eaf57dc58a09748a0515f4d4fd267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 28 Aug 2024 01:15:48 GMT
content-encoding
gzip
via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 5 Aug 2024 02:19:53 GMT
x-amz-cf-pop
FRA2-C1
age
2901
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
ectatBAUUqjWGiHkjimSKwxVxUx7euqkuJhCBA_7sZgTggdhrJ9fkA==
log
consent.trustarc.com/
43 B
428 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=bitsighttech.com&country=de&state=&behavior=implied&session=5904bc43-01b6-4408-bf00-a9b58125bea3&userType=NEW&c=e751&referer=https://www.bitsight.com&language=de
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-13.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
kSrEV2yJAKUdW0v66x6D2I0rI9uFs26ChPY_kNHF8gEslFEIIKCPJA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
3 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1290778188&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&ul=de-de&de=UTF-8&dt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1726578059&gjid=533085291&cid=710076879.1724810649&tid=UA-36272386-4&_gid=1864694251.1724810649&_r=1&_slc=1&gtm=45He48q0n81MZ2J8ZGv76025611za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1788200195
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.company-target.com/s/ Frame 570E
0
0
Document
General
Full URL
https://s.company-target.com/s/sync?exc=lr
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/7127e84810857c8d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.71.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
content-type
text/html; charset=UTF-8
date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 google
464526.gif
id.rlcdn.com/
0
98 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ip.json
api.company-target.com/api/v2/
4 KB
2 KB
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&page_title=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/7127e84810857c8d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-75.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b23289d5480704fc4e42493257586ab634b52b5f706de3f96df451208169c506

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
identification-source
CENTRAL
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
request-id
337de15c-bb9b-4ccc-8035-9bbece00d74b
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bitsight.com
access-control-expose-headers
x-amz-cf-id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GFbkKC5fitGePvobBoWZDzodmtJv3IB8xZ45C5IvWmh6UqK2VOZVZg==
expires
Tue, 27 Aug 2024 02:04:09 GMT
277648.js
js.hs-analytics.net/analytics/1724810400000/
88 KB
28 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1724810400000/277648.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d36321e0e26e264ce3e24193f1e2abbf7cf0df2807305869a4b3ed10bf3c383

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
FQMW5BDWH0ZHMG6R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
05394495-8374-451c-afa1-5adc52834593
age
0
x-envoy-upstream-service-time
49
x-amz-id-2
M0VJ93OG7WeRBf9X7sEdkXn0hFwCorBAHuRTvHEFD3lRboQaBm95BulZrSZfyW/CucSWF7i4rrdxWaq0mvV2QEPgFA+wCqSC
x-evy-trace-listener
listener_https
x-request-id
05394495-8374-451c-afa1-5adc52834593
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 23 Aug 2024 14:30:50 GMT
server
cloudflare
etag
W/"3a45e065d38199e20cb59d30a838d6de"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-mxkcv
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8ba0ba9efdfa974e-FRA
expires
Wed, 28 Aug 2024 02:09:08 GMT
banner.js
js.hs-banner.com/v2/277648/
72 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/277648/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f75f2bba428b256fdf85b78ba38e3c88c372433d6b484faf4da9c7780102494

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
x-amz-version-id
9rYQwXAh7p3RpE9mplC_EqLSRKBCDaOM
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9YVDSXY9Z1R4K32R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
3af1b9a7-10da-4452-ae2f-d254659f167c
age
0
x-envoy-upstream-service-time
52
x-amz-id-2
N6A6sAsNV9P4NLFAAzSkMFUmcsWR+qOOxB3PQ8TqM+9LNRnykVtCW7d6GKLL85NybpvTM4WGAYg=
x-evy-trace-listener
listener_https
x-request-id
3af1b9a7-10da-4452-ae2f-d254659f167c
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 23 Aug 2024 14:30:47 GMT
server
cloudflare
etag
W/"0d348277da23f2965a1392e91a7fa6aa"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.bitsight.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8ba0ba9efb0618e9-FRA
expires
Wed, 28 Aug 2024 02:09:09 GMT
leadflows.js
js.hsleadflows.net/
551 KB
92 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
age
60320
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8b9af9f3d9f209bd-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b6c788efa3b3fd53687b2c92c85a5a5f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
date
Wed, 28 Aug 2024 02:04:09 GMT
x-amz-version-id
TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
823b833c-be43-48f8-929b-8ac9507109c5
x-cache
RefreshHit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
19
x-evy-trace-route-configuration
listener_https/all
x-request-id
823b833c-be43-48f8-929b-8ac9507109c5
last-modified
Tue, 23 Jul 2024 12:57:23 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-7n5lj
cf-ray
8ba0ba9ef97e9bd6-FRA
x-amz-cf-id
onmhX55o33dQI5Vy1it9ll6pVJFl87E0Nq9dA4n9GzRg7QuIPKRyVQ==
l
use.typekit.net/af/0230dd/00000000000000007735bb33/30/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e5b627b2aa5520423d9eef65612847ff0316ea78285f6ca54c461cabf4077f91

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"5bb33ae2a954c4b3b528681f85ecbf7624532fad"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26356
l
use.typekit.net/af/153042/00000000000000007735bb62/30/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/153042/00000000000000007735bb62/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2dcac4047f716bc02991807013dff48324f753a0fce153a57e5b6383437ba3fc

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"b0d46bd3fb22c6c06785f44e1a131be6878e0485"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24460
l
use.typekit.net/af/2807c7/00000000000000007735bb48/30/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/2807c7/00000000000000007735bb48/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e9c868845bfe5b3bf488c1c436477de885248c4634cc36d08d11240fc9653290

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"345c80c63820ac9235d1faecff05a70c32942437"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24820
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/
25 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
l
use.typekit.net/af/aed66e/00000000000000007735bb35/30/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/aed66e/00000000000000007735bb35/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
62a382e91ed614e0fde41e75af950e689567e895203f54fac5e2c81fc0df21d8

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"9e3369ea7ed88f1e4a8a12a637f7348f31af57ce"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27892
l
use.typekit.net/af/305037/00000000000000007735bb39/30/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/305037/00000000000000007735bb39/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
357e9638466a0ed42f1a9d503d72f5d2420aa843ba7e1560851f762e707c9df8

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"4af6f044e86b0a30d1aa7c5babe16808274dd9a8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27780
l
use.typekit.net/af/160664/00000000000000007735bb32/30/
28 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/160664/00000000000000007735bb32/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_-T7UgZgbfZc1jwkSBNPUnp5GHwUejLlQw3cM7ENJJkI.css?delta=1&language=en&theme=bitsight_theme&include=eJxtkFFywzAIRC8kRUfKIInYTJHwCBRXPX0dt_2olT9gmYV9OtSwhAiKLjGojn91QVVYUF2ShqFKK8D0hS6SKS2r3W3FgmFhicAOP42pfoTc-gZ8-22vyyqJgH3B2ieJDP1DxLA5hiHd7pk0yRPbCFIxCbuCmSA8iI-lW4LNSOrVZ0XIVJfr2I6P_D6U9jFpcRy_TsHOY9chDoxN9sldNkr6R65Kntx-Is03avdMOgmxm83ZClA94fnIkma6L4SxQX0H4BRfcLB9A86Yxhw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d46328b6026c1b4d7f1b4707c3f2f1f2c8bf66292ae919034313697c557844d3

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
nginx
etag
"a0a5b94f1d2bb67123bf96637186b77b73341264"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28612
bannermsg
consent.trustarc.com/
43 B
428 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=bitsighttech.com&behavior=implied&country=de&language=de&rand=0.6633815317843048&session=5904bc43-01b6-4408-bf00-a9b58125bea3&userType=NEW&referer=https://www.bitsight.com
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-13.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
dVs77sJHDsklokGVVjtk6fBUIpjNAdblKZD7ul8mRgk0_MVQw9hKrA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
xlogin-shell-banner.png
www.bitsight.com/sites/default/files/2024/08/26/
15 KB
15 KB
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/08/26/xlogin-shell-banner.png
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed53ee3cf68cdee37d5baae6bef8233f37b144c5c1f2780386885cb1355572c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 27 Aug 2025 12:40:56 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
15336
x-request-id
v-9aab253c-6471-11ef-927a-c3d328f809ce
last-modified
Mon, 26 Aug 2024 14:20:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9f1f20d350-FRA
x-cache-hits
37
alogin-shell-banner.png
www.bitsight.com/sites/default/files/2024/08/26/
16 KB
16 KB
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/08/26/alogin-shell-banner.png
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c29c2da0a81b0678e7301d9a0de0254ade2caf2b6be3ac1bddb6524306fb35d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 27 Aug 2025 12:40:56 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
16032
x-request-id
v-9aad5ece-6471-11ef-a0e0-23b3061d027c
last-modified
Mon, 26 Aug 2024 14:13:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9f1f24d350-FRA
x-cache-hits
35
running-processes-of-a-comprised-tp-link-router.png
www.bitsight.com/sites/default/files/2024/08/26/
6 KB
6 KB
Image
General
Full URL
https://www.bitsight.com/sites/default/files/2024/08/26/running-processes-of-a-comprised-tp-link-router.png
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae805aefa3404c97bdd551065ced7162b46c5f4ca50101eab68bc0265af46af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 27 Aug 2025 12:51:40 GMT
date
Wed, 28 Aug 2024 02:04:09 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
content-length
5966
x-request-id
v-1aad2310-6473-11ef-a8b9-3b0831469e4c
last-modified
Mon, 26 Aug 2024 14:14:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8ba0ba9f1f25d350-FRA
x-cache-hits
32
64fa38cc287519aad2798b3c
go.affec.tv/j/
663 B
799 B
Script
General
Full URL
https://go.affec.tv/j/64fa38cc287519aad2798b3c?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.95.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bdbe2296fe0d69cb54f75f8634242db65c3b02af117019e4575c0ee90871851

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type
application/javascript
cache-control
no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length
431
expires
Wed, 04 Apr 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=437449220&utmhn=www.bitsight.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&utmhid=1290778188&utmr=-&utmp=%2Fblog%2F7777-botnet-insights-multi-target-botnet&utmht=1724810649482&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D15825701.710076879.1724810649.1724810649.1724810649.1%3B%2B__utmz%3D15825701.1724810649.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1590294508&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ipv
cdn.bizible.com/
43 B
204 B
Image
General
Full URL
https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=4b9ea25e5fe744e4831b817159caa783&_biz_l=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&_biz_t=1724810649492&_biz_i=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&_biz_n=0&rnd=820300&cdn_o=a&_biz_z=1724810649493
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 23 Aug 2024 21:15:31 GMT
server
ECS (amb/6B77)
age
362919
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
kvp
cdn.bizible.com/
43 B
241 B
Image
General
Full URL
https://cdn.bizible.com/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Id%22%3A%2230145560307.30157190592%22%2C%22Name%22%3A%22Q325%20-%20Chatnow%20in%20Utility%20Nav.Q325%20-%20Chatnow%20in%20Utility%20Nav%22%7D%2C%22Var%22%3A%7B%22Id%22%3A%2230170670191%22%2C%22Name%22%3A%22Chat%20Now%22%7D%2C%22U%22%3A%22oeu1724810648999r0.1729296286256976%22%7D%2C%7B%22Exp%22%3A%7B%22Id%22%3A%2230168860060.30153410336%22%2C%22Name%22%3A%22Why%20Bitsight%20vs%20Data%20%26%20Insights.Why%20Bitsight%20vs%20Data%20%26%20Insights%22%7D%2C%22Var%22%3A%7B%22Id%22%3A%2230207080019%22%2C%22Name%22%3A%22Original%22%7D%2C%22U%22%3A%22oeu1724810648999r0.1729296286256976%22%7D%5D%7D&_biz_u=4b9ea25e5fe744e4831b817159caa783&_biz_l=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&_biz_t=1724810649494&_biz_i=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&_biz_n=1&rnd=375316&cdn_o=a&_biz_z=1724810649495
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B80) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 23 Aug 2024 21:35:46 GMT
server
ECS (amb/6B80)
age
361703
x-cache
HIT
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/
43 B
267 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=4b9ea25e5fe744e4831b817159caa783&_biz_l=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&_biz_t=1724810649496&_biz_i=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&rnd=810034&cdn_o=a&_biz_z=1724810649496
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7E) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 23 Aug 2024 21:15:57 GMT
server
ECS (amb/6B7E)
age
362892
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
attribution_trigger
px.ads.linkedin.com/
2 B
812 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:08 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B095B89C853249C8835F1F5BF4541777 Ref B: FRAEDGE2021 Ref C: 2024-08-28T02:04:09Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYgtMYS3AB1aC8sHk2rvQ==
x-fs-uuid
000620b4c612dc0075682f2c1e4dabbd
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&e_ipv6=AQKfJ2fEDiDS4QAAAZGWueAOMmm8...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&e_ipv6=AQKfJ2fEDiDS4QAAAZGWueAOMmm8Qa2qMG2M4jZAMd335_YYViFOCZW79tS1FIL82Aivb-HTgUUpE-BtUd6MTGZbWHT7IA
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2CDC5A20457E4E7C8691BF27322FA85B Ref B: FRAEDGE1815 Ref C: 2024-08-28T02:04:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgtMYWJBNsoi3/Ci5DUg==

Redirect headers

date
Wed, 28 Aug 2024 02:04:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E993CD553DC74A44B1D57730C866AEC0 Ref B: FRAEDGE1618 Ref C: 2024-08-28T02:04:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1724810649506&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&e_ipv6=AQKfJ2fEDiDS4QAAAZGWueAOMmm8Qa2qMG2M4jZAMd335_YYViFOCZW79tS1FIL82Aivb-HTgUUpE-BtUd6MTGZbWHT7IA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgtMYTHcxO/1upSYfhuw==
sa.css
tags.srv.stackadapt.com/
65 B
203 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.212.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-212-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2e0f847c7f9e328ad24c8b44e9032ee0effb08dd7ea86d0dc00ec545449fa028

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:09 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
2 KB
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.212.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-212-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:09 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
xdc.js
cdn.bizible.com/
111 B
320 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=4b9ea25e5fe744e4831b817159caa783&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.08.22
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
c8e1359e679bcb862158783bcf8280be038ee55ea16fb840d931833a6409402e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
server
ECS (amb/6BC3)
etag
81351157
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
214
bg9s
tag-logger.demandbase.com/
0
418 B
XHR
General
Full URL
https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=GFbkKC5fitGePvobBoWZDzodmtJv3IB8xZ45C5IvWmh6UqK2VOZVZg==&api-version=v2
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d800:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date
Tue, 27 Aug 2024 22:30:09 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
67281
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Tue, 07 Mar 2023 20:47:02 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
PcQa0yEDZxtEg8sdSF_Yz6O0EafC6C_j-9uI3Sggw-A0-1OvdzE5Ww==
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1718952&order_id=%5BORDER_ID%5D&seg=34797513&t=1&value=%5BREVENUE%5D
  • https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718952%26order_id%3D%255BORDER_ID%255D%26seg%3D34797513%26t%3D1%26value%3D%255BREVENUE%255D
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718952%26order_id%3D%255BORDER_ID%255D%26seg%3D34797513%26t%3D1%26value%3D%255BREVENUE%255D
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
an-x-request-uuid
7b15d1bd-4d38-4e7e-8e91-61cd68d65b36
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
an-x-request-uuid
4f073419-4b9e-49e5-81a7-5956ee8d8ead
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718952%26order_id%3D%255BORDER_ID%255D%26seg%3D34797513%26t%3D1%26value%3D%255BREVENUE%255D
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
go.affec.tv/per/
846 B
916 B
Script
General
Full URL
https://go.affec.tv/per/?gdpr=&gdpr_consent=&k=94d55f4b-7357-46e7-b587-ffb343195048&p=6a844cb1-30bc-4723-8446-2cd9d1f839b8
Requested by
Host: go.affec.tv
URL: https://go.affec.tv/j/64fa38cc287519aad2798b3c?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.95.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
788a31bd9571e06e6335a5b2ec903f3099f20f33505a5c0b19750fc1c7e15f70

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type
application/javascript
cache-control
no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length
549
expires
Wed, 04 Apr 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66ce8599cf3c7800010397ec%26chc%3Daf%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/an/5191495850101263159?ch=66ce8599cf3c7800010397ec&chc=af&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
content-length
134
vary
Accept-Encoding
content-type
text/html; charset=utf-8
64fa38cd287519aad2798b3d
go.affec.tv/j/
523 B
726 B
Script
General
Full URL
https://go.affec.tv/j/64fa38cd287519aad2798b3d?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.95.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e5c216cafaeb16e22017cd601cc51d40a986fa637ea66eadf476494777053e7

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type
application/javascript
cache-control
no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length
359
expires
Wed, 04 Apr 1990 00:00:00 GMT
6a844cb1-30bc-4723-8446-2cd9d1f839b8-async.js
cdn.permutive.com/
279 KB
80 KB
Script
General
Full URL
https://cdn.permutive.com/6a844cb1-30bc-4723-8446-2cd9d1f839b8-async.js
Requested by
Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=&gdpr_consent=&k=94d55f4b-7357-46e7-b587-ffb343195048&p=6a844cb1-30bc-4723-8446-2cd9d1f839b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d39f00710c4fbe03d22868a85668d61f69cbef3f194e751fe35b3c11535820

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
6a844cb1-30bc-4723-8446-2cd9d1f839b8
age
0
x-guploader-uploadid
ABPtcPqzQ_tqp333yyqLZsEB7pwnftGWOV8ZE3g-BRvC3l0zoZZEj7iFltVWl_4SkP6Gmwso_AQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
81473
last-modified
Fri, 22 Sep 2023 17:01:24 GMT
server
cloudflare
etag
"3e69fada1db39616132a67f54adaf5a4"
vary
Accept-Encoding
x-goog-generation
1695402084169978
content-type
application/javascript
x-goog-hash
crc32c=OD+e0A==, md5=Pmn62h2zlhYTKmf1Str1pA==
cache-control
public, max-age=900
x-goog-stored-content-length
81473
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ba0baa02a81974d-FRA
expires
Wed, 28 Aug 2024 02:19:09 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?gdpr=&gdpr_consent=&id=1718953&order_id=%5BORDER_ID%5D&seg=34797516&t=1&value=%5BREVENUE%5D
  • https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718953%26order_id%3D%255BORDER_ID%255D%26seg%3D34797516%26t%3D1%26value%3D%255BREVENUE%255D
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718953%26order_id%3D%255BORDER_ID%255D%26seg%3D34797516%26t%3D1%26value%3D%255BREVENUE%255D
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
an-x-request-uuid
81f163ee-4dbc-4bcd-bd8a-8e5b3f0b9dd9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
an-x-request-uuid
4828c6f9-1271-4aa2-bf39-5fd01bfceb1d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%26gdpr_consent%3D%26id%3D1718953%26order_id%3D%255BORDER_ID%255D%26seg%3D34797516%26t%3D1%26value%3D%255BREVENUE%255D
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/
116 B
311 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=oeyzgkQ7R8piwGBmS0lgBg&is_js=true&landing_url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&t=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&tip=KQv1Cd_Wz0cC09VSFVIZVOU40yUTNYuvOYfAd3EVfJg&host=https%3A%2F%2Fwww.bitsight.com&sa_conv_data_css_value=%270-2cc8c60c-7413-5eac-5475-e6bc12b7c594%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd92cc8c60c74135eac5475e6bc12b7c5942d8d9849&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5ENYBGAQgmYu6tgYwAToEED3EAEIEBBdPtg.RhIp%252B4oBWlAmmybhomeb2cRGolQOsPeG6fIW8ETgYj0&sa-user-id-v2=s%253ALMjGDHQTXqxUdea8ErfFlC2NmEk.bfBohVbi6Ps7jfJP
bDVTrRC8ZsDmZGBI62yRLWz4jmc&sa-user-id=s%253A0-2cc8c60c-7413-5eac-5475-e6bc12b7c594.Kj1e4ChsDa5rsJnXr1I8sJMzc8nRCBBhOirE5CuTG4w
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.212.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-212-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
64ae2ac91d9fd9325a866ccae4fb1118c46e1ccc2ffe8ce6c07c02d61d2e38a1

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bitsight.com
date
Wed, 28 Aug 2024 02:04:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
0d59523d-4059-48f0-a2ec-050cf1f7ce41
https://www.bitsight.com/ Frame
0
0

660ff83e-6b8a-448d-b5eb-a46cb2152f76
https://www.bitsight.com/ Frame
0
0

getuidj
ib.adnxs.com/
29 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
96cae1f423921bc4af1634afc4e98c58dd1859405ea811d1765685d4181064c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
an-x-request-uuid
b5af4366-6765-446d-bdce-3a2ba6a0e09c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bitsight.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/
246 B
355 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.bitsight.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
identify
api.permutive.com/v2.0/
50 B
256 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1d7abf884f8348ca5209cfac3abc8bba92cc5b95bff2f297ee4e1ab303354386

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.bitsight.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
audiences
api.permutive.com/audience-matching/v1/id/bb7f5f0d-daba-4962-a9a5-60cdfea848e5/
12 B
66 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/bb7f5f0d-daba-4962-a9a5-60cdfea848e5/audiences?k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RJ4RWVVWH4&gtm=45je48r0h2v882142918z876025611za200zb76025611&_p=1724810649020&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dNTIxZG&cid=710076879.1724810649&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1724810649&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&dt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&en=experience_impression&ep.exp_variant_string=OPT-30153410336(Why%20Bitsight%20vs%20Data%20%26%20Insights)-30207080019(Original)&_et=1&tfd=2756
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RJ4RWVVWH4&gtm=45je48r0h2v882142918za200zb76025611&_p=1724810649020&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dNTIxZG&cid=380285177.1724810650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=3&sid=1724810649&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&dt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&en=Demandbase_Event&_fv=1&_nsi=1&_ss=1&_ee=1&ep.demandbase_company_name=Seagate%20Technology%20GmbH&ep.demandbase_audience=Enterprise%20Business&ep.demandbase_audience_segment=Software%20%26%20Technology&ep.demandbase_city=Muenchen&ep.demandbase_country_name=Germany&epn.demandbase_sid=3693507&ep.demandbase_employee_range=Enterprise&ep.demandbase_industry=Software%20%26%20Technology&ep.demandbase_web_site=seagate.com&ep.demandbase_revenue_range=Over%20%245B&ep.demandbase_state=BY&ep.demandbase_sub_industry=Software%20Applications&tfd=2756
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.ads.linkedin.com/wa/
0
197 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9F94DBFD296D4973B4AF500AC4DC5655 Ref B: FRAEDGE1618 Ref C: 2024-08-28T02:04:09Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.bitsight.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYgtMYY6oR+OE9qz6kKPQ==
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2507617663&v=1.1&a=277648&rcu=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&pu=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&t=7777+Botnet+%E2%80%93+Insights+into+a+Multi-Target+Botnet+%7C+Bitsight&cts=1724810649912&vi=d9a6353798507d0d11e6f1ba63d00e14&nc=true&u=208292109.d9a6353798507d0d11e6f1ba63d00e14.1724810649911.1724810649911.1724810649911.1&b=208292109.1.1724810649911&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5055135d-8389-48fb-aff7-f4a5341f8cc7
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
9
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5055135d-8389-48fb-aff7-f4a5341f8cc7
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFWWLpRa33vbxaqe183txitPFmEPZ5ua7MsFXMEbfG2Mxv0dw1pFLb8qG47F7FMOiL5cLR43CRBl%2BuyDBz5Nf9Huhn7ILFM7SGE2WlxyvxE3ODhg1Wyco04mxsicW67pXb7QZprbA4qmWoH46fR5"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-mn446
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8ba0baa22c7c2c75-FRA
x-robots-tag
none
aem.js
wsmcdn.audioeye.com/
1 KB
682 B
Script
General
Full URL
https://wsmcdn.audioeye.com/aem.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75684c219813bfcf8a608956ada4d7490895373769180f6aae7c4a3730d7564e

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:09 GMT
content-encoding
br
surrogate-keys
cf-cache-status
HIT
server
cloudflare
age
1
etag
W/"445ed14bb56ba3a9e0c6b6de97173465"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
8ba0baa23b4c37d7-FRA
json
forms.hubspot.com/lead-flows-config/v1/config/
178 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=277648&utk=d9a6353798507d0d11e6f1ba63d00e14&__hstc=208292109.d9a6353798507d0d11e6f1ba63d00e14.1724810649911.1724810649911.1724810649911.1&__hssc=208292109.1.1724810649911&currentUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d011d0d5e84f2191558c710055f08a6c797b84f765c3cbe5b43dcd87bcf55811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
175ca101-cf82-40ef-9149-e73a7c607b11
content-encoding
br
x-envoy-upstream-service-time
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
175ca101-cf82-40ef-9149-e73a7c607b11
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bitsight.com
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-6m5fr
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1l6iKrqmYIzb%2BHZa7bPKDcdM2e7Fknmj5CVJg1d7wMjSOlGhb8kG7mGnhBGmPkZ4W2mpgE%2B93EsOEQ5I%2BEktf%2FzHNpWt5uEHqg78AE8JW2P0dBEXlqEoWo1lh%2FtxgXWJv8N4zajQqznJ569DDoEm"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8ba0baa23d1ad374-FRA
favicon.ico
www.bitsight.com/sites/default/files/
4 KB
699 B
Other
General
Full URL
https://www.bitsight.com/sites/default/files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cddbf66be2b35d501d2c904c7fdf17ac528af69096fa9acd0e8a9eddd0c336
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Aug 2025 13:31:42 GMT
date
Wed, 28 Aug 2024 02:04:10 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-ah-environment
prod
x-request-id
v-63bd8a40-500a-11ef-8fe5-4bafd4e77667
last-modified
Thu, 20 Apr 2023 01:16:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
max-age=31536000
cf-ray
8ba0baa22ad9d350-FRA
x-cache-hits
24777
bootstrap.js
wsv3cdn.audioeye.com/
61 KB
21 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b&cb=bf8f99d
Requested by
Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00199a13ce9efd58702177c835f06f29eecaeec9bc247e01facd95fd58302dd

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
br
surrogate-keys
95c39350d8f4b765016b0e58199c2f8b
cf-cache-status
HIT
server
cloudflare
age
16024
etag
W/"d9a3c12f805dcd527978bf62dfd736bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, s-maxage=21600
cf-ray
8ba0baa3198a9f11-FRA
events
logx.optimizely.com/v1/
0
387 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
8eec2f2f-ea9d-41f5-964a-234cda038942
loader.js
wsv3cdn.audioeye.com/v2/scripts/
31 KB
10 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=95c39350d8f4b765016b0e58199c2f8b&lang=en&cb=bf8f99d
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b&cb=bf8f99d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999449f285074641e0b1386cc324129295e23472085ee58efd6c1f164e756258

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
br
surrogate-key
prod 95c39350d8f4b765016b0e58199c2f8b bf8f99d
last-modified
Wed, 28 Aug 2024 00:37:11 GMT
server
cloudflare
cf-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray
8ba0baa37c61d2bf-FRA
jquery.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
95 KB
34 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b&cb=bf8f99d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941d0da342e1fb464c309c3eb5e9a63176653d7e52a9bee326dcc9155201c9ba

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:49:27 GMT
server
cloudflare
age
3909
etag
W/"66bd3477-17d97"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa359a39f11-FRA
expires
Thu, 28 Aug 2025 02:04:10 GMT
startup.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
306 KB
87 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b&cb=bf8f99d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432f520e34021d1b39d850772a2a5590c27b5edefa3ca6defa13f560e60f1a8c

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 02:58:23 GMT
server
cloudflare
age
3967
etag
W/"66bd6ecf-4c94c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa359a49f11-FRA
expires
Thu, 28 Aug 2025 02:04:10 GMT
trends.min.js
assets.trendemon.com/tag/
301 KB
60 KB
Script
General
Full URL
https://assets.trendemon.com/tag/trends.min.js
Requested by
Host: www.bitsight.com
URL: https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2042:ba00:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
633bcfe427a83d802616ed31a4a273861f102af031357ecdd96336af3cde81b8

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:01:29 GMT
content-encoding
gzip
via
1.1 83f9969abb9f43b17789799503ae532c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Aug 2024 13:47:35 GMT
server
AmazonS3
x-amz-cf-pop
MAD51-C2
age
337
x-amz-server-side-encryption
AES256
etag
"be18d6d096975527536c71e8023b1f33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
61225
x-amz-cf-id
iUeq9T7f7_i96_d-xU2iXO4TS_OUL0zGa3fGssZJ653sPdM98wHL9g==
56408
i.liadm.com/s/
Redirect Chain
  • https://tracking.intentsify.io/page-tracking/intentsify-bitsight/https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet
  • https://a.usbrowserspeed.com/cs?pid=5476ad7fb254ae8ddffd9ee34e77cfbb0c895c04783f2a615f8a1341878ee532&puid=e08d179f-8f0c-48f6-a717-2107fc5454fb-intentsify-bitsight
  • https://a.remarketstats.com/px/li-co/
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e87ce2d8-5150-471b-a93f-ec9a33264aea&ccid=e87ce2d8-5150-471b-a93f-ec9a33264aea&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs...
0
180 B
Script
General
Full URL
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e87ce2d8-5150-471b-a93f-ec9a33264aea&ccid=e87ce2d8-5150-471b-a93f-ec9a33264aea&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d59ee852e%252d52a9%252d51bc%252d88c1%252dcadebea964dd
Protocol
HTTP/1.1
Server
52.2.126.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-126-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 02:04:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0

Redirect headers

date
Wed, 28 Aug 2024 02:04:11 GMT
x-frontend
cc-nginx-8674cc857-kjglf:cc-nginx-8674cc857-kjglf
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f8498590-71f4-46e8-9dfd-623666105f94
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNNu9QIll91p9ryNCbZgSNFJxyVHxAWS8tNCIgdQLa6dsLhAr8tfKy73HrfTDag5nc0eSTLrxwhLZBSHoROciWe2opJjkO3tFxQ5%2Fm6k2BGFHrVyJnchiOTj1hmqe%2BeyiWHo0nz25wQneGKnJyugKeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e87ce2d8-5150-471b-a93f-ec9a33264aea&ccid=e87ce2d8-5150-471b-a93f-ec9a33264aea&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d59ee852e%252d52a9%252d51bc%252d88c1%252dcadebea964dd
cf-ray
8ba0baaa2f881e4d-FRA
events
api.permutive.com/v2.0/batch/
101 B
127 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
20a7b79701b2c74592e1bdd0fd321bb3e0614c4d86bbdc4ad42143626748d7bd

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.bitsight.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109
2423
trackingapi.trendemon.com/api/settings/
593 B
732 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/settings/2423?callback=jsonp2744&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
e8f0e058063fd9f5e778c1ac2856f49604aa193818ba02818b532d33dfd2a191

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:10 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
593
content-type
application/x-javascript; charset=UTF-8
identity.min.js
assets.trendemon.com/global/
18 KB
6 KB
Script
General
Full URL
https://assets.trendemon.com/global/identity.min.js
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2042:ba00:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:06:06 GMT
content-encoding
gzip
via
1.1 83f9969abb9f43b17789799503ae532c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Aug 2024 13:47:39 GMT
server
AmazonS3
x-amz-cf-pop
MAD51-C2
age
64685
etag
W/"3f44b799c727cbac65d90f0779b8eb4e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
X1kMev911bPzLuCBdv3kqd2iRTNIPtPnHuIpUndwRSpE3N3MHBRRfw==
me
trackingapi.trendemon.com/api/Identity/
94 B
508 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/Identity/me?accountId=2423&DomainCookie=17248106506868737&fingerPrint=027db7506a91cd86102eb89db7026950&callback=jsonp695590&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
2765e79ea2dff4224796ce67351bedbef575246747d6b8ec3d100cbbe3a59934

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:10 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
94
content-type
application/x-javascript; charset=UTF-8
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
marketingautomation
trackingapi.trendemon.com/api/
94 B
231 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2423&ClientUrl=aHR0cHM6Ly93d3cuYml0c2lnaHQuY29tL2Jsb2cvNzc3Ny1ib3RuZXQtaW5zaWdodHMtbXVsdGktdGFyZ2V0LWJvdG5ldA%3D%3D&CookieId=17248106506868737&MaCookie=ZDlhNjM1Mzc5ODUwN2QwZDExZTZmMWJhNjNkMDBlMTQ%3D&MaCookieName=aHVic3BvdHV0aw%3D%3D&MaName=hubspot&callback=jsonp193247&vid=2423:17248106506868737
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
753371e7c8c02c1fe333a8785a54141c91d46b142db227242e9c910f1c9dd23d

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:10 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
94
content-type
application/x-javascript; charset=UTF-8
ace-campaign
trackingapi.trendemon.com/api/experience/
17 B
116 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/ace-campaign?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&Referral=&callback=jsonp394767&vid=2423:17248106506868737
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
d18e75c72ed3266e7813229e152831969c615597f791d28dfbce0ed257124a72

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
server
Kestrel
content-length
17
content-type
application/x-javascript; charset=UTF-8
tangoEngine.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
126 KB
43 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209638939ad7c0240f8b3d2afd21f9bb9e20983da22619c8df4d5bf138f8fd53

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:49:27 GMT
server
cloudflare
age
3990
etag
W/"66bd3477-1f877"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa84bc49f11-FRA
expires
Thu, 28 Aug 2025 02:04:10 GMT
pageview
trackingapi.trendemon.com/api/events/
43 B
234 B
Image
General
Full URL
https://trackingapi.trendemon.com/api/events/pageview?accountId=2423&url=aHR0cHM6Ly93d3cuYml0c2lnaHQuY29tL2Jsb2cvNzc3Ny1ib3RuZXQtaW5zaWdodHMtbXVsdGktdGFyZ2V0LWJvdG5ldA%3D%3D&cookie=17248106506868737&referral=&variant=&otwId=&otwItemId=&streamId=&streamContentId=&vid=2423:17248106506868737&r=1724810650989
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:11 GMT
server
Kestrel
age
1691358
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/
0
74 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
29dfe994-2b53-4f29-938b-dd6e388d0bfe
cookieStorage.html
wsv3cdn.audioeye.com/v2/frame/ Frame 7D1D
0
0
Document
General
Full URL
https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=bf8f99d
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
1134670
cache-control
public, max-age=365000000, immutable
cf-cache-status
HIT
cf-ray
8ba0baa8f8463a79-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Aug 2024 02:04:11 GMT
last-modified
Wed, 14 Aug 2024 22:50:56 GMT
server
cloudflare
vary
Accept-Encoding
send
analytics.audioeye.com/air/v0/
0
61 B
Ping
General
Full URL
https://analytics.audioeye.com/air/v0/send
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.213.234.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-234-25.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 02:04:11 GMT
content-length
0
1856.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
372 B
340 B
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/1856.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 02:58:23 GMT
server
cloudflare
age
3920
etag
W/"66bd6ecf-174"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8ec129f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
3772.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
480 B
335 B
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/3772.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9960eb7729427396c231a55d2b8ac8c67df194d83cc0b7410b086a0ad892d4bb

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:49:27 GMT
server
cloudflare
age
4046
etag
W/"66bd3477-1e0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8ec139f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
5121.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
382 B
306 B
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/5121.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 02:58:23 GMT
server
cloudflare
age
4046
etag
W/"66bd6ecf-17e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8ec169f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
874.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
193 B
225 B
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/874.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:49:27 GMT
server
cloudflare
age
3999
etag
W/"66bd3477-c1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8ec179f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
6365.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
1 KB
484 B
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/6365.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 02:58:23 GMT
server
cloudflare
age
4055
etag
W/"66bd6ecf-42e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8ec1a9f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
launcher.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
79 KB
20 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2d85ecfa4c92bfcfa9d225a12de6bad5f1d24d13fb7e616160d857c4e02449

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 22:49:27 GMT
server
cloudflare
age
3991
etag
W/"66bd3477-13d55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8fc1c9f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
compliance.bundle.bf8f99d.js
wsv3cdn.audioeye.com/v2/build/
156 KB
47 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.bf8f99d.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6083dd4617b79dd510106c2d1344621f90d0625237bcf369f53209b5ce64d5f7

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Aug 2024 02:58:23 GMT
server
cloudflare
age
3999
etag
W/"66bd6ecf-27177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba0baa8fc1d9f11-FRA
expires
Thu, 28 Aug 2025 02:04:11 GMT
audioeye-scanner.js
wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v8.1.3/
298 KB
71 KB
Script
General
Full URL
https://wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v8.1.3/audioeye-scanner.js
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.bf8f99d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb6b91d4f175eff554e93fd419c8f7316ccecf05ad65c0a4f3b38d22a1b34c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
access-control-request-method
GET
content-encoding
br
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
729282
etag
W/"412eebdaa5cc7436f38708aa105aedf8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
8ba0baa93c3f9f11-FRA
personal-stream
trackingapi.trendemon.com/api/experience/
17 B
116 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal-stream?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&MarketingAutomationCookie=d9a6353798507d0d11e6f1ba63d00e14&ExcludedStreamsJson=%5B%5D&callback=jsonp942926&vid=2423:17248106506868737
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
a4b7f8f6f18b68d97b851f317b73f48676d2ee447a5700018e21cfe08ecda39e

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
server
Kestrel
content-length
17
content-type
application/x-javascript; charset=UTF-8
personal
trackingapi.trendemon.com/api/experience/
15 B
114 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&MarketingAutomationCookie=d9a6353798507d0d11e6f1ba63d00e14&ExcludeUnitsJson=%5B%5D&streamId=&callback=jsonp585257&vid=2423:17248106506868737
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
bd336f24727c220609f4365806e3097d3b07a327088bb77c705885dd2ed44f81

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
server
Kestrel
content-length
15
content-type
application/x-javascript; charset=UTF-8
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

Referer
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
font/truetype
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/
14 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bitsight.com/
Origin
https://www.bitsight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:12:07 GMT
x-content-type-options
nosniff
age
154321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13976
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:12:07 GMT
personal-embedded
trackingapi.trendemon.com/api/experience/
2 KB
3 KB
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&MarketingAutomationCookie=d9a6353798507d0d11e6f1ba63d00e14&Ids=%5B%5D&Groups=%5B%5D&StreamId=&callback=jsonp993712&vid=2423:17248106506868737
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.83.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-83-211.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
14cb71653a51b04c1db05b0e894fb6db77c53a5cda939edf8401ae84bac2f95d

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:04:11 GMT
server
Kestrel
content-length
2490
content-type
application/x-javascript; charset=UTF-8
closex.png
pic.trendemon.com/images/
386 B
848 B
Image
General
Full URL
https://pic.trendemon.com/images/closex.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.154.22.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-22-21.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 07:38:05 GMT
Via
1.1 699b17f3a3f122d19f1a66f7411fd8ca.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Apr 2019 23:23:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MAD53-P1
Age
66423
ETag
"7da2ae17c3b671047838f7b78687a56f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
386
X-Amz-Cf-Id
gZSLXLQSHP4lS8y80yi0MDPTvOU6EaBqqY-pYClZZ8dsRkHsaCXzJQ==
metrics
api.permutive.com/v2.0/internal/
2 B
37 B
XHR
General
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Aug 2024 02:04:14 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RJ4RWVVWH4&gtm=45je48r0h2v882142918za200zb76025611&_p=1724810649020&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dNTIxZG&cid=380285177.1724810650&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=4&sid=1724810649&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&dt=7777%20Botnet%20%E2%80%93%20Insights%20into%20a%20Multi-Target%20Botnet%20%7C%20Bitsight&en=Demandbase_Event&_ee=1&epn.1=3693507&ep.2=Seagate%20Technology%20GmbH&ep.3=Software%20%26%20Technology&ep.4=Software%20Applications&ep.5=Enterprise&ep.6=Over%20%245B&ep.7=Enterprise%20Business&ep.8=Software%20%26%20Technology&ep.9=seagate.com&ep.10=Muenchen&ep.11=BY&ep.12=Germany&_et=1&tfd=7757
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:04:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bitsight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js_tracking
tags.srv.stackadapt.com/
0
152 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2F7777-botnet-insights-multi-target-botnet&uid=oeyzgkQ7R8piwGBmS0lgBg&v=1&host=https%3A%2F%2Fwww.bitsight.com&l_src=&l_src_d=&u_src=&u_src_d=&shop=false
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.212.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-212-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bitsight.com
date
Wed, 28 Aug 2024 02:04:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET
metrics
api.permutive.com/v2.0/internal/
2 B
37 B
XHR
General
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=94d55f4b-7357-46e7-b587-ffb343195048
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Aug 2024 02:04:19 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bitsight.com
URL
blob:https://www.bitsight.com/0d59523d-4059-48f0-a2ec-050cf1f7ce41
Domain
www.bitsight.com
URL
blob:https://www.bitsight.com/660ff83e-6b8a-448d-b5eb-a46cb2152f76

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| optimizely object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| consentListeners function| onConsentChange object| __dispatched__ function| addConsentListenerTA function| handleConsentDecision string| _linkedin_data_partner_id string| GoogleAnalyticsObject function| ga function| rdt object| MathTag object| domains string| source string| medium string| term string| content string| campaign string| session_count string| pageview_count string| hostname object| _gaq string| doname number| j function| get_campaign_info function| get_utm_value function| get_session_count function| get_pageview_count number| TRD_ACC_ID function| appendScriptTag string| currentWebsiteUrl string| serverUrl string| link function| saq function| _saq function| redditNormalizeEmail function| onYouTubeIframeAPIReady object| gaGlobal object| truste function| shouldRepop function| shouldResolveConsent string| userType function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| gaplugins object| gaData object| Demandbase function| once function| jQuery object| drupalSettings object| Drupal function| _typeof object| _hsp object| _gat string| gclid object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API object| ZILogs object| ziws function| lintrk boolean| _already_called_lintrk object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _hsq object| VWO function| sanitizeKey boolean| _hstc_loaded object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN function| dbGtag function| loadPiggybacks object| piggybacks object| permutive object| res object| saCookies string| current_window_url_param object| 
ORIBILI boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime string| __AudioEyeSiteHash boolean| __audioEyeInitialized function| readyCallback boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| __audioEyeContext boolean| __audioEyeRunnerComplete number| __AudioEyeInitialLoadTime object| __AudioEyePerformance function| $Trd_Base64 function| $Trd_i18n function| __awaiter function| __generator function| $Trd_Utils function| $Trd_Tools function| RecordsService function| __extends function| $Trd_UserPageHistory_Cook object| enRenderModes object| $Trd_InternalEventsTypes object| $Trd_TriggersEventsTypes function| mapBackendTriggers function| $Trd_Context function| $Trd_EnvironmentSettings function| $Trd_ClientCookie function| $Trd_CtaClientCookie function| $Trd_ButtonSelector object| Frequency object| UnitVisibiltyType object| UnitTypeId object| AceVariantType object| AceElementAction object| AceElementAddPosition object| AceElementAddType object| ElementReplaceType object| AceImageReplaceMode object| AceImageObjectFit object| CssSizeUnits object| AceTextAlign object| AcePosition object| AceElementDisplay object| AceBackgroundImageFit object| StreamContentType object| StreamContentDesktopPosition object| StreamContentThumbnailType object| StreamLayoutAutoLoadTrigger function| $Trd_Logger object| COOKIE_NAMES function| $Trd_Visitor string| LOCAL_STORAGE_ITEM_NAME function| $Trd_FormListener function| $Trd_UrlGrabber function| $Trd_Events function| $Trd_Pageview string| $TRD_MA_COOKIE_NAME object| $TRD_MA_COOKIE_NAME_MAP function| $Trd_MarketingAutomation function| $TRD_CtaComponent function| $TRD_CtaContentComponent function| $TRD_GenericLayoutComponent function| $TRD_FormLayoutComponent function| $TRD_RecommendationLayoutComponent function| $TRD_RecommendCarouselLayoutComponent function| $TRD_GenericScriptComponent function| $TRD_FastTextLayoutComponent function| __assign function| __spreadArray function| $Trd_StreamManager function| 
$TRD_SurveyLayoutComponent number| COOLOFF_DAYS_AFTER_CLOSE number| COOLOFF_MS_AFTER_CLOSE function| $Trd_ExperienceManager function| $TRD_ClientAppFactory function| $TRD_ClientApp function| $TRD_ClientAppDrift function| $TRD_ClientAppSixSense object| trdContext function| $Trd_AceManager string| TRD_HIDER_STYLE_ID function| $Trd_NApi object| TrendemonContext object| $trd_Context object| trd_api object| IdentityConfig function| $Trd_Identity string| aecb function| ae_choose function| ae_loadScript function| loaderFunction function| $ae function| ae_jQuery number| __AudioEyeLoaderStartTime object| AudioEye object| AudioEyeWebpackJsonp

79 Cookies

Domain/Path Name / Value
tracking.intentsify.io/page-tracking/intentsify-bitsight Name: userId
Value: e08d179f-8f0c-48f6-a717-2107fc5454fb
map.go.affec.tv/map/an Name: oo
Value: 1
.bitsight.com/ Name: optimizelyEndUserId
Value: oeu1724810648999r0.1729296286256976
.bitsight.com/ Name: _gcl_au
Value: 1.1.1036405796.1724810649
.bitsight.com/ Name: _rdt_uuid
Value: 1724810649222.c4a89fd2-0a16-4ebf-a2dd-78589ffce767
.bitsight.com/ Name: _ga_RJ4RWVVWH4
Value: GS1.1.1724810649.1.0.1724810649.60.0.0
.bitsight.com/ Name: TAsessionID
Value: 5904bc43-01b6-4408-bf00-a9b58125bea3|NEW
.bitsight.com/ Name: notice_behavior
Value: implied,eu
.bitsight.com/ Name: _ga
Value: GA1.2.710076879.1724810649
.bitsight.com/ Name: _gid
Value: GA1.2.1864694251.1724810649
.bitsight.com/ Name: _gat_UA-36272386-4
Value: 1
.ws.zoominfo.com/ Name: visitorId
Value: 1a0f48e8366b356e4842b237b18841ebdb4b9c1c8f6a23565cc76a6d4d660d47
.zoominfo.com/ Name: __cf_bm
Value: jPOtRztTiIjlKiJ9In2zNDNNtWKly6ff8_hRYB9p80Q-1724810649-1.0.1.1-w2g1fFZ.y2U1hKmvE08OE6fyxux4JUL7nSd5mst_pGC_zPYQ7ZeN.Q3arrFApSY5kZXj4mnBx63mFNkiRuAxDw
.zoominfo.com/ Name: _cfuvid
Value: NWR4EL2rHQYq5V7IkUsvayVBCq9t.yZcRrZVj81so1g-1724810649399-0.0.1.1-604800000
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2cc8c60c-7413-5eac-5475-e6bc12b7c594.Kj1e4ChsDa5rsJnXr1I8sJMzc8nRCBBhOirE5CuTG4w
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2cc8c60c-7413-5eac-5475-e6bc12b7c594.Kj1e4ChsDa5rsJnXr1I8sJMzc8nRCBBhOirE5CuTG4w
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALMjGDHQTXqxUdea8ErfFlC2NmEk.bfBohVbi6Ps7jfJPbDVTrRC8ZsDmZGBI62yRLWz4jmc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALMjGDHQTXqxUdea8ErfFlC2NmEk.bfBohVbi6Ps7jfJPbDVTrRC8ZsDmZGBI62yRLWz4jmc
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5ENYBGAQgmYu6tgYwAToEED3EAEIEBBdPtg.RhIp%2B4oBWlAmmybhomeb2cRGolQOsPeG6fIW8ETgYj0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5ENYBGAQgmYu6tgYwAToEED3EAEIEBBdPtg.RhIp%2B4oBWlAmmybhomeb2cRGolQOsPeG6fIW8ETgYj0
.bitsight.com/ Name: __utma
Value: 15825701.710076879.1724810649.1724810649.1724810649.1
.bitsight.com/ Name: __utmc
Value: 15825701
.bitsight.com/ Name: __utmz
Value: 15825701.1724810649.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bitsight.com/ Name: __utmt_sfga
Value: 1
.bitsight.com/ Name: __utmb
Value: 15825701.1.10.1724810649
.bitsight.com/ Name: _biz_uid
Value: 4b9ea25e5fe744e4831b817159caa783
.bitsight.com/ Name: _biz_nA
Value: 2
www.bitsight.com/ Name: sa-user-id
Value: s%253A0-2cc8c60c-7413-5eac-5475-e6bc12b7c594.Kj1e4ChsDa5rsJnXr1I8sJMzc8nRCBBhOirE5CuTG4w
www.bitsight.com/ Name: sa-user-id-v2
Value: s%253ALMjGDHQTXqxUdea8ErfFlC2NmEk.bfBohVbi6Ps7jfJPbDVTrRC8ZsDmZGBI62yRLWz4jmc
www.bitsight.com/ Name: sa-user-id-v3
Value: s%253AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5ENYBGAQgmYu6tgYwAToEED3EAEIEBBdPtg.RhIp%252B4oBWlAmmybhomeb2cRGolQOsPeG6fIW8ETgYj0
.bizible.com/ Name: _BUID
Value: 4b9ea25e5fe744e4831b817159caa783
.bizibly.com/ Name: _BUID
Value: 5d71c2f010eea2f5c65f03d0236b2628
.company-target.com/ Name: tuuid
Value: 382bf85d-1eed-45f6-86cb-789da604b99d
.company-target.com/ Name: tuuid_lu
Value: 1724810649|ix:0|mctv:0|rp:0
.bitsight.com/ Name: _biz_ABTestA
Value: %5B1030737648%5D
.bitsight.com/ Name: _biz_pendingA
Value: %5B%5D
.go.affec.tv/ Name: ck
Value: 66ce859954019d000164c71f
.casalemedia.com/ Name: CMID
Value: Zs6FmVVbLTwAAEp.ADA0eQAA
.casalemedia.com/ Name: CMPS
Value: 5146
.casalemedia.com/ Name: CMPRO
Value: 5146
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GU!l9]ea!]tbP6j2F-XstGt!@Dl($tI]F
.adnxs.com/ Name: XANDR_PANID
Value: vEX1G8kkSpNfWRW_mF8IE9IlrG1OVn2wK1KkDYE0bWA2I0w7PUuc2Mpy7t_DKBdJASUKjJnKsKFamVxSt_-GHIIHBan4Z4AwXfnancCXNjc.
.adnxs.com/ Name: uuid2
Value: 5191495850101263159
.go.affec.tv/ Name: oo
Value: 1
.bitsight.com/ Name: permutive-id
Value: bb7f5f0d-daba-4962-a9a5-60cdfea848e5
.bitsight.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.linkedin.com/ Name: bcookie
Value: "v=2&189c9c70-c0d9-4747-83e4-0b46303b3788"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjQ4MTA2NDk7MjswMjEoEmrrwNKhtMy0P/NJ+GZsY6pYd2YhLOzfq0QtsHwMUg==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2956:u=1:x=1:i=1724810649:t=1724897049:v=2:sig=AQGS2hra5NTgJ-jCpCdLmAB-LdVWQnrq"
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcyNDgxMDY0OSwiaWQiOiI1MTkxNDk1ODUwMTAxMjYzMTU5IiwibHMiOjE3MjQ4MTA2NDl9LCJ2IjowfQ==|1724810649|6822cb243e3c1df21d7919aecd6eaf295224dc50
.tremorhub.com/ Name: tvid
Value: c30904f16ddd427eac5f47270139337c
.tremorhub.com/ Name: tv_UIDM
Value: 382bf85d-1eed-45f6-86cb-789da604b99d
.bitsight.com/ Name: __hstc
Value: 208292109.d9a6353798507d0d11e6f1ba63d00e14.1724810649911.1724810649911.1724810649911.1
.bitsight.com/ Name: hubspotutk
Value: d9a6353798507d0d11e6f1ba63d00e14
.bitsight.com/ Name: __hssrc
Value: 1
.bitsight.com/ Name: __hssc
Value: 208292109.1.1724810649911
.hubspot.com/ Name: __cf_bm
Value: 8Tm4a78y2LBdRE84IAHUap6JiWcZlpJYeKkGsloVqQs-1724810650-1.0.1.1-2i3mLkAPblByyqtuHkTBaNokxtTrVYkt1sCJd_ggoXF.1VbT1y0IyvHWmdudmVUozH3kYzIugu47cbG291c5Ig
.hubspot.com/ Name: _cfuvid
Value: popdUXcoqDZ7VUKyE7ykfnJwadLvL7tWMUeqpVAJ95o-1724810650079-0.0.1.1-604800000
.bitsight.com/ Name: trd_cid
Value: 17248106506868737
trackingapi.trendemon.com/ Name: trd_gavid_2423
Value: 17248106506868737
trackingapi.trendemon.com/ Name: trd_gvid
Value: 17248106506868737
trackingapi.trendemon.com/ Name: trd_vid_2423
Value: 2423%3A17248106506868737
.bitsight.com/ Name: trd_vid_l
Value: 2423%3A17248106506868737
.bitsight.com/ Name: trd_vuid_l
Value: 1041891637424441582
.bitsight.com/ Name: trd_ma_cookie
Value: ZDlhNjM1Mzc5ODUwN2QwZDExZTZmMWJhNjNkMDBlMTQ%3D
www.bitsight.com/ Name: _aeaid
Value: 21ab20d6-9b6a-4479-8063-486d82c54a6e
www.bitsight.com/ Name: aelastsite
Value: TtjLDjDwfaF1TTjoIhP9A0VMHHviwGrxnfPhNkhmzFrJiiv3l6ZPAzyzm6X3TIin
www.bitsight.com/ Name: aelreadersettings
Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
.a.usbrowserspeed.com/ Name: tuid
Value: 154ab880-1494-4e50-a1fd-84f1240fd964
.bitsight.com/ Name: source
Value: (direct)
.bitsight.com/ Name: medium
Value: (none)
.bitsight.com/ Name: content
Value: undefined
.bitsight.com/ Name: keyword
Value: undefined
.bitsight.com/ Name: campaign
Value:
.bitsight.com/ Name: landing_page
Value: /blog/7777-botnet-insights-multi-target-botnet
.bitsight.com/ Name: conversion_page
Value: /blog/7777-botnet-insights-multi-target-botnet
a.remarketstats.com/ Name: _ccpx_u
Value: e87ce2d8%2d5150%2d471b%2da93f%2dec9a33264aea
www.bitsight.com/ Name: aeatstartmessage
Value: true

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy report-uri /report-csp-violation
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
