www.fortinet.com Open in urlscan Pro
13.56.220.180 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Submission: On April 15 via manual (April 15th 2019, 12:31:43 pm UTC) from US

Summary HTTP 57 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 15 domains to perform 57 HTTP transactions. The main IP is 13.56.220.180, located in San Jose, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.fortinet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on March 19th 2019. Valid for: 2 years.

This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	13.56.220.180 13.56.220.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	104.109.70.8 104.109.70.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	92.122.254.10 92.122.254.10	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
12	54.183.57.55 54.183.57.55	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	52.51.131.19 52.51.131.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.16.186.146 2.16.186.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	34.242.238.135 34.242.238.135	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	172.82.235.45 172.82.235.45	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	52.214.222.48 52.214.222.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.111.9.217 23.111.9.217	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a02:26f0:10e... 2a02:26f0:10e:2b0::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	172.82.228.19 172.82.228.19	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	52.6.202.37 52.6.202.37	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	23.67.137.77 23.67.137.77	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	3.120.53.177 3.120.53.177	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	50.19.60.226 50.19.60.226	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.247.81.38 54.247.81.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2620:119:50e0... 2620:119:50e0:105::6cae:b15	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
57	25

9 13.56.220.180 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-56-220-180.us-west-1.compute.amazonaws.com

www.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.70.8 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-8.deploy.static.akamaitechnologies.com

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.254.10 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-122-254-10.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.183.57.55 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-183-57-55.us-west-1.compute.amazonaws.com

www.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.51.131.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.146 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.23 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.238.135 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-238-135.eu-west-1.compute.amazonaws.com

fortinet.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.82.235.45 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: fortinet.com.ssl.sc.omtrdc.net

metrics.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.222.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-222-48.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.217 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

a.optmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e:2b0::3adf (European Union)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.228.19 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net

fortinetinc.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.202.37 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-202-37.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.137.77 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-137-77.deploy.static.akamaitechnologies.com

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.53.177 (Fairfield, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-53-177.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.3 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

fortinet.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.60.226 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-19-60-226.compute-1.amazonaws.com

api.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.81.38 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-81-38.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e0:105::6cae:b15 (United States)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	fortinet.com 1 redirects www.fortinet.com metrics.fortinet.com	927 KB
8	sharethis.com 1 redirects platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	32 KB
7	adobedtm.com assets.adobedtm.com	82 KB
5	demdex.net 1 redirects dpm.demdex.net fortinet.demdex.net	3 KB
4	adroll.com s.adroll.com d.adroll.com	27 KB
3	omtrdc.net 1 redirects fortinetinc.sc.omtrdc.net fortinet.tt.omtrdc.net	1 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	linkedin.com px.ads.linkedin.com	94 B
1	opmnstr.com api.opmnstr.com	16 KB
1	facebook.com graph.facebook.com	598 B
1	bizographics.com sjs.bizographics.com	5 KB
1	optmnstr.com a.optmnstr.com	53 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googletagmanager.com www.googletagmanager.com	23 KB
57	15

	Domain	Requested by
21	www.fortinet.com	www.fortinet.com
7	assets.adobedtm.com	www.fortinet.com assets.adobedtm.com
4	metrics.fortinet.com	1 redirects www.fortinet.com
4	dpm.demdex.net	1 redirects www.fortinet.com
3	l.sharethis.com	1 redirects www.fortinet.com
2	d.adroll.com	s.adroll.com www.fortinet.com
2	platform-cdn.sharethis.com	www.fortinet.com
2	fortinetinc.sc.omtrdc.net	1 redirects www.fortinet.com
2	s.adroll.com	www.googletagmanager.com s.adroll.com
2	www.google-analytics.com	www.googletagmanager.com www.fortinet.com
1	px.ads.linkedin.com	sjs.bizographics.com
1	api.opmnstr.com	a.optmnstr.com
1	fortinet.tt.omtrdc.net	assets.adobedtm.com
1	graph.facebook.com	platform-api.sharethis.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	sjs.bizographics.com	www.googletagmanager.com
1	a.optmnstr.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	fortinet.demdex.net	assets.adobedtm.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	www.googletagmanager.com	www.fortinet.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	www.fortinet.com
57	23

This site contains links to these domains. Also see Links.

Domain
www.virustotal.com
www.facebook.com
www.twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
fortiguard.com
secure.fortinet.com
fusecommunity.fortinet.com
cookie-script.com

Subject Issuer	Validity	Valid
www.fortinet.com DigiCert SHA2 High Assurance Server CA	`2019-03-19` - `2021-06-09`	2 years	crt.sh
*.sharethis.com DigiCert SHA2 Secure Server CA	`2018-12-16` - `2020-03-16`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-03-04` - `2020-03-11`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.sharethis.mgr.consensu.org DigiCert ECC Secure Server CA	`2018-07-31` - `2019-07-31`	a year	crt.sh
metrics.fortinet.com DigiCert SHA2 High Assurance Server CA	`2019-01-29` - `2021-02-02`	2 years	crt.sh
*.optmnstr.com Go Daddy Secure Certificate Authority - G2	`2018-07-10` - `2020-07-10`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2016-05-04` - `2019-05-23`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh
*.opmnstr.com Go Daddy Secure Certificate Authority - G2	`2019-04-11` - `2021-04-11`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Frame ID: 274B6140BF580638CCF9FD82A55DDC3F
Requests: 53 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Frame ID: B640D3A98482C4BDD53428D4AF83CD3D
Requests: 1 HTTP requests in this frame

Frame: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864a164746d58b700412b.html
Frame ID: 73481B118E0B1F9E5F9DCA6E8BD065DC
Requests: 1 HTTP requests in this frame

Frame: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864f264746d7629003a65.html
Frame ID: 8D682E23EAB1BE5982C933F001663E7B
Requests: 1 HTTP requests in this frame

Frame: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa8640864746d58b700411f.html
Frame ID: 053BAE3A0F1755DE4314CD46DA5303CB
Requests: 1 HTTP requests in this frame

Frame: https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: E6FBC67246BE7C2ED688767FBEB48102
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i
env /^adroll_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/s[_-]code.*\.js/i
env /^s_(?:account|objectID|code|INST)$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

57
Requests

100 %
HTTPS

20 %
IPv6

15
Domains

23
Subdomains

25
IPs

4
Countries

1182 kB
Transfer

2183 kB
Size

17
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.virustotal.com/en/file/6e31148cc1b3235b71731c3944a7b06f861e104e978708d12c695ec09b5b3760/analysis/
Title: MSIL/Bladabindi.U!tr

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/88ae50176898a04cc982af3f23e67144e544a1224f5ac06c4abf61e59e54aa4a/analysis/
Title: MSIL/Agent.LI!tr

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/a3e4bee1b6944aa9266bd58de3f534a4c1896df621881a5252a0d355a6e67c70/analysis/
Title: W32/Agent.CPGR!tr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fortinet
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fortinet
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SecureNetworks
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fortinet
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/behindthefirewall/
Title:

Search URL Search Domain Scan URL

URL: https://fortiguard.com/
Title: FortiGuard Labs

Search URL Search Domain Scan URL

URL: https://secure.fortinet.com/fortiguard
Title: Threat Briefs

Search URL Search Domain Scan URL

URL: https://fusecommunity.fortinet.com/
Title: Fuse

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: Free cookie consent by cookie-script.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545

Request Chain 35

https://metrics.fortinet.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023 HTTP 302
https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1

Request Chain 36

https://cm.everesttech.net/cm/dd?d_uuid=29188430682563054251449660592038027916 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XLR5nAAAE6qDmhN_

Request Chain 42

https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1 HTTP 302
https://metrics.fortinet.com/id?AQB=1&vmr=true&&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1

Request Chain 46

https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&hostname=www.fortinet.com&location=%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&product=sticky-share-buttons&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&source=sharethis.js&fcmp=false&title=Bladabindi%20Remains%20A%20Constant%20Threat%20By%20Using%20Dynamic%20DNS%20Services&publisher=5977d47080bb1d0011ab6d8f&ts1555331483466=&sop=true HTTP 301
https://l.sharethis.com/sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&sop=true

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html Show response
www.fortinet.com/blog/threat-research/ 39 KB
10 KB 779ms
270ms Document
text/html 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1fc6c774b7e75c84d68b655ce9db6402436b9bef9f80d0da6ed98453e6dc2a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.fortinet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=600, public
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Apr 2019 12:31:23 GMT
ETag: W/"9b08-58690d48ffe2a-gzip"
Last-Modified: Mon, 15 Apr 2019 12:31:23 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 10208
Connection: keep-alive

GET
H/1.1 200
OK clientlib-base.min.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 211 KB
17 KB 165ms
156ms Stylesheet
text/css 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.css

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

eb6058ea8eec777d07e89407b55de7990eb296b3f5a5ee4a6b04c71d3c129c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 22:25:24 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "34d65-58506cc185d00-gzip"
Vary: Accept-Encoding,User-Agent
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=43200, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 16858
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sharethis.js Show response
platform-api.sharethis.com/js/ 91 KB
28 KB 105ms
34ms Script
text/javascript 104.109.70.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.70.8 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-70-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 569c048e348b45041647af89e72b89595c36f226be6576296ab3cb071d660c3f

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
Content-Encoding: gzip
ETag: W/"16cd6-KTy8lms5FwWv8KzaPnbdwWCMREQ"
Vary: Accept-Encoding
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 27810

GET
H2 200 satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js Show response
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/ 144 KB
41 KB 44ms
31ms Script
application/x-javascript 92.122.254.10
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.10 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a92-122-254-10.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f8919e9e7bdfe96d935b1dc4ed107be1868c0403198a7c2fc78faf6aae5f9efa

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:23 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 23:20:25 GMT
server: Apache
etag: "16c0c7ea72c8a25c202b16de325d3c20:1554765625"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Apr 2019 13:31:23 GMT

GET
H/1.1 200
OK fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ 32 KB
2 KB 713ms
169ms Image
image/svg+xml 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 22:26:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7ebb-58506d0447a80-gzip"
Vary: Accept-Encoding,User-Agent
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 1998
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2418.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 70 KB
71 KB 609ms
323ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2418.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

d1d899dca1ded276d37d51ae5c9419a8c40c54e27ed16bd02f97a8e519eff1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CvVersion%7C3.4.0; check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:46:24 GMT
Server: Apache
ETag: "118a3-58507edc61400"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 71843
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2419.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 42 KB
42 KB 487ms
159ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2419.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

32d90f9a5ebbb1d07a21f26bbbc35b083833c257a2ff7e2db0c87f91a9465c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CvVersion%7C3.4.0; check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 11:05:05 GMT
Server: Apache
ETag: "a773-5851168ef3a40"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 42867
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2420.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 13 KB
14 KB 698ms
322ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2420.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3b7cad56d10552afbb25f5b662440df914b0e257b10395c65a1a324f87ba48fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CvVersion%7C3.4.0; check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 09:03:39 GMT
Server: Apache
ETag: "34e3-5850fb6a7b0c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 13539
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2421.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 15 KB
16 KB 655ms
167ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2421.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

219de732daf746c6612afd5079fc0c8b80e9efd2bd6980492b3c25d607af72cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CvVersion%7C3.4.0; check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "3da5-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 15781
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2422.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 51 KB
51 KB 482ms
316ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2422.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5feba58cf82d3a34d79d4e82914c9eda612f41415b21b98aefdafcb4f500f14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; _sdsat_mcvID=; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 09:57:37 GMT
Server: Apache
ETag: "cadd-5851077a7a640"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 51933
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2423.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 145 KB
145 KB 439ms
316ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2423.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ace24460b71b4fcc5700f129eac6c255c60b5db925e9bf24cc39458df56c481e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; _sdsat_mcvID=; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "2430f-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 148239
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2424.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 38 KB
38 KB 390ms
338ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2424.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

bc81009998d11cfb4a83fc0d14ef5dd8c8f82af920ac78b0a80a2956f332c9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "9831-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 38961
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2425.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 19 KB
19 KB 160ms
159ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2425.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4d4ed9c7f5710fc0c91774a4374f2ef9765a827ebed616a38b859e65712512fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "4adc-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 19164
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2426.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 23 KB
24 KB 163ms
162ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2426.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fb5776c130a6fec55aeb39b1a8980450d89095844d2662b06f0111a5895d250f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "5de5-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 24037
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2427.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 24 KB
24 KB 164ms
163ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2427.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

cafcb6a7aa8096fd2bb897347191feb0f20b743ddf418dc551059b39954b82a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "5f21-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 24353
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2428.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 7 KB
7 KB 161ms
160ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2428.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f313e550618ea7fb80135b5fac2ed426a2e1c6e19f15b383d3a5e51ad3dc2396

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:55:59 GMT
Server: Apache
ETag: "1c3a-58508100be1c0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7226
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2429.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 7 KB
8 KB 162ms
161ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2429.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ae9b55edb092b0e3636552bc0edfba415a21377b9f33fd2246167871a8358e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 07:53:29 GMT
Server: Apache
ETag: "1cb6-5850ebbb83040"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7350
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2430.png
www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/ 23 KB
23 KB 164ms
163ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/new-images/uploads/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services-2430.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

14045a87db31f2215dd685d617185753d9f1e5f2bbfa65c6b9212d3630fa94ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 09:57:39 GMT
Server: Apache
ETag: "5b20-5851077c62ac0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 23328
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clientlib-base.min.js Show response
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 165 KB
53 KB 222ms
168ms Script
application/javascript 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

85c6103aabd94bf4584fbdd8b15cb68c08fa52f43dc229ac034a1bf6c855c0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 22:25:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2931b-58506cbdb5400-gzip"
Vary: Accept-Encoding,User-Agent
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=43200, public
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 5977d47080bb1d0011ab6d8f.js Show response
buttons-config.sharethis.com/js/ 444 B
865 B 1051ms
8ms Script
text/javascript 104.109.70.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5977d47080bb1d0011ab6d8f.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.70.8 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-70-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7f0daa7591ef2b42b26dd9d39102440c242e7fd798e7898a620e5489d67ec73e

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Last-Modified: Tue, 16 Jan 2018 20:14:52 GMT
Server: AmazonS3
x-amz-request-id: 0AC133D0755DBF6B
ETag: "6167cc13570c31ffc1713616a6fb087d"
Content-Type: text/javascript
Cache-Control: public, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 444
x-amz-id-2: 1K+l2awIqQWsrB/AEGzJ+FK+ESgNVdjKGLIlUinTQ39hpNKAJafrW3D/PPlRym1sjE8W3LlVi8o=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 60 KB
23 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBSLLPJ

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

604ae5068c06ac47597ed7e1c587a0ce7d8ff6e8174a979b285169f1b3277016

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:23 GMT
content-encoding: br
last-modified: Thu, 11 Apr 2019 22:27:45 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23009
x-xss-protection: 0
expires: Mon, 15 Apr 2019 12:31:23 GMT

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545
https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545

0
-1 B

156ms
40ms

XHR

52.51.131.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545
X-TID: MVX1Ep3sTSE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.fortinet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Access-Control-Allow-Origin: https://www.fortinet.com
X-TID: MVX1Ep3sTSE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mbox-contents-081c7224345c702ebcf6ef22d3b7449ec11ce42d.js Show response
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/ 75 KB
27 KB 58ms
58ms Script
application/x-javascript 92.122.254.10
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/mbox-contents-081c7224345c702ebcf6ef22d3b7449ec11ce42d.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.10 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a92-122-254-10.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bf37dba5836581c0cc0451edd5c197e46a5a0e070b3f696e5b4bf7e32da1817a

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 15 Apr 2019 12:31:23 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 23:20:24 GMT
server: Apache
etag: "eb6d969848d866a39a78150c4a347735:1554765625"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 27590
expires: Mon, 15 Apr 2019 13:31:23 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK portal.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame B640 0
0 1124ms
30ms Document
text/html 2.16.186.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.146 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: c.sharethis.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, POST, PUT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
ETag: W/"26b-4977387000"
Last-Modified: Tue, 01 Jan 1980 00:00:00 GMT
Vary: Accept-Encoding
Content-Length: 334
Cache-Control: public, max-age=3600
Date: Mon, 15 Apr 2019 12:31:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.png
www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/ 70 KB
70 KB 189ms
162ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6159cfdf171aa1850984070f415e8bfac0bde40ee17d3ff8175662fbd514e2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CvVersion%7C3.4.0; check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 09:57:39 GMT
Server: Apache
ETag: "116d4-5851077c62ac0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 71380
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK android-banking-malware-masquerading-as-email-app-targets-german-banks.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/ 61 KB
61 KB 161ms
161ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/android-banking-malware-masquerading-as-email-app-targets-german-banks.png.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

63d6e74d32f24a0f4065b1d21da312aaab2c1a5c946bbf98f31f685ff922dea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 02:07:33 GMT
Server: Apache
ETag: "f2a9-58509e690c340"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 62121
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK threat_report_thumb.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/fortinet_threat_landscape_report_q1_2018/ 126 KB
127 KB 164ms
163ms Image
image/png 13.56.220.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/fortinet_threat_landscape_report_q1_2018/threat_report_thumb.png.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.56.220.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-56-220-180.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

09ae9b1eba67a297656d8a0e526fffcef77f2a17363bbf9e9efe5e2cdb8b0265

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 23:45:26 GMT
Server: Apache
ETag: "1f864-58507ea511180"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 129124
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK browser-extensions-a-new-threat.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/ 101 KB
101 KB 162ms
162ms Image
image/png 54.183.57.55
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/browser-extensions-a-new-threat.jpg.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.57.55 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-183-57-55.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ab80453aa5154fbc34f2e9e0268545173db8a0d1a483c0e4818733900abcabbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _sdsat_mcvID=28845405408721225211483963256596660996; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Mar 2019 09:57:39 GMT
Server: Apache
ETag: "193d5-5851077c62ac0"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 103381
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 367 B
1 KB 40ms
39ms XHR
application/json 52.51.131.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id/rd?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1555331483545
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5fee2e4d475a84eaf085970002839a30e85cf9a7e73f37c819c025fa253d3faa

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Origin: https://www.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v026-0cac9c9f6.edge-irl1.demdex.com 5.51.2.20190403131314 5ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: jPuX6/dSTbg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.fortinet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 301
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 satellite-5aa864a164746d58b700412b.html
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/ Frame 7348 0
0 165ms
55ms Document
text/html 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864a164746d58b700412b.html
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: assets.adobedtm.com
:scheme: https
:path: /4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864a164746d58b700412b.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Response headers

status: 200
server: Apache
etag: "52fa849a16651953dc915efbae88d0cc:1554765625"
last-modified: Mon, 08 Apr 2019 23:20:25 GMT
accept-ranges: bytes
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
content-length: 803
cache-control: max-age=3600
expires: Mon, 15 Apr 2019 13:31:24 GMT
date: Mon, 15 Apr 2019 12:31:24 GMT
timing-allow-origin: *

GET
H2 200 satellite-5aa864f264746d7629003a65.html
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/ Frame 8D68 0
0 184ms
90ms Document
text/html 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864f264746d7629003a65.html
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: assets.adobedtm.com
:scheme: https
:path: /4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa864f264746d7629003a65.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Response headers

status: 200
server: Apache
etag: "8227658d1e33b9eaa91028e35c3beb4f:1554765625"
last-modified: Mon, 08 Apr 2019 23:20:25 GMT
accept-ranges: bytes
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
content-length: 782
cache-control: max-age=3600
expires: Mon, 15 Apr 2019 13:31:24 GMT
date: Mon, 15 Apr 2019 12:31:24 GMT
timing-allow-origin: *

GET
H2 200 satellite-5aa8640864746d58b700411f.html
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/ Frame 053B 0
0 168ms
80ms Document
text/html 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa8640864746d58b700411f.html
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: assets.adobedtm.com
:scheme: https
:path: /4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-5aa8640864746d58b700411f.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Response headers

status: 200
server: Apache
etag: "94b6dd03c710fe7140881c36dbb5ab47:1554765625"
last-modified: Mon, 08 Apr 2019 23:20:25 GMT
accept-ranges: bytes
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
content-length: 899
cache-control: max-age=3600
expires: Mon, 15 Apr 2019 13:31:24 GMT
date: Mon, 15 Apr 2019 12:31:24 GMT
timing-allow-origin: *

GET
H2 200 s-code-contents-678d604999b9203058dbe982c7a7ddbf795bb1f4.js Show response
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/ 34 KB
13 KB 142ms
55ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/s-code-contents-678d604999b9203058dbe982c7a7ddbf795bb1f4.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:24 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 23:20:24 GMT
server: Apache
etag: "9a1e762486f8afef7a6f384a1e9c253d:1554765624"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 13170
expires: Mon, 15 Apr 2019 13:31:24 GMT

GET
H2 200 satellite-59ceae2064746d21fe0037dd.js Show response
assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/ 1 KB
692 B 136ms
49ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/scripts/satellite-59ceae2064746d21fe0037dd.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24038492cb3d19fef34ce0a9bc55033f3030c04eeea97a93c22b2ec8914c1316

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:24 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 23:20:24 GMT
server: Apache
etag: "d8619d86a5e27900726ec96a76ead3cc:1554765624"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 459
expires: Mon, 15 Apr 2019 13:31:24 GMT

GET
H/1.1 200
OK Cookie set dest5.html
fortinet.demdex.net/ Frame E6FB 0
0 1189ms
35ms Document
text/html 34.242.238.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fortinet.demdex.net/dest5.html?d_nsid=0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/satelliteLib-32b0117a6a1b1e07ce775d6f834af5718192ddf1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.238.135 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-242-238-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: fortinet.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Accept-Encoding: gzip, deflate, br
Cookie: demdex=29188430682563054251449660592038027916
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 04 Apr 2019 08:45:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=29188430682563054251449660592038027916;Path=/;Domain=.demdex.net;Expires=Sat, 12-Oct-2019 12:31:25 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: qJQDbiz4SYE=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1

302
Found

id Show response
fortinetinc.sc.omtrdc.net/
Redirect Chain

https://metrics.fortinet.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023
https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by...

0
-1 B

141ms
24ms

XHR
text/plain

172.82.235.45
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.82.235.45 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

fortinet.com.ssl.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.fortinet.com
Accept-Encoding: gzip, deflate, br
Host: metrics.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333344; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CvVersion%7C3.4.0
Connection: keep-alive
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 16 Apr 2019 12:31:24 GMT
Server: Omniture DC/2.0.0
xserver: www111
Location: https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fortinet.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Sun, 14 Apr 2019 12:31:24 GMT

Redirect headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 16 Apr 2019 12:31:24 GMT
Server: Omniture DC/2.0.0
xserver: www111
Location: https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fortinet.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Sun, 14 Apr 2019 12:31:24 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XLR5nAAAE6qDmhN_
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29188430682563054251449660592038027916
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XLR5nAAAE6qDmhN_

42 B
769 B

129ms
32ms

Image
image/gif

52.214.222.48
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XLR5nAAAE6qDmhN_
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.222.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-214-222-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v026-0ac93d1f6.edge-irl1.demdex.com 5.51.2.20190403131314 4ms
Pragma: no-cache
X-TID: 0LoUAUPSQeo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 15 Apr 2019 12:31:23 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XLR5nAAAE6qDmhN_
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBSLLPJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 2668
date: Mon, 15 Apr 2019 11:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Mon, 15 Apr 2019 13:46:56 GMT

GET
H2 200 api.min.js Show response
a.optmnstr.com/app/js/ 173 KB
53 KB 3069ms
23ms Script
application/javascript 23.111.9.217
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optmnstr.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBSLLPJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.217 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 454a99c30d51e5436d9d641417f02d64e218fa9b8afa3fda81ee0199501175bf

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:27 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2019 16:17:48 GMT
server: NetDNA-cache/2.2
x-amz-request-id: E671AA21AF342A20
etag: W/"1d2f04af843844d409c764965f08614f"
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
x-amz-id-2: ZtYpXKZUmJRwKMFSzNEy+M2etcXQx5qClVMP0ROXGdbNzdmhxZ/9XGKy4gDcn9pJxJRX+1ezwKs=
expires: Wed, 15 May 2019 12:31:27 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 32 KB
11 KB 3183ms
75ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBSLLPJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6d73aa32774fb131ebbc1faf3f931aaf66e998f808757cbafbcc737f8d769580

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: ea1u3hYQrubY64bATByV7XbdUEwnubrR
Content-Encoding: gzip
x-amz-request-id: C7A4752260620705
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 15 Apr 2019 12:31:27 GMT
Connection: keep-alive
Content-Length: 10245
x-amz-id-2: K18RlJUfOcLGqPBweOGxlnRwDlXGf3sJ9xmH9VYEl/y0PkuDogldNb5vLb+8XwpkMDwvGhsO3bE=
Last-Modified: Wed, 20 Feb 2019 19:22:50 GMT
Server: AmazonS3
ETag: "a75c16aa500b21e32e06699919372ec4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 74ms
14ms Script
application/x-javascript 2a02:26f0:10e:2b0::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBSLLPJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10e:2b0::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76002
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 16ms
15ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=2066399861&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&ul=en-us&de=UTF-8&dt=Bladabindi%20Remains%20A%20Constant%20Threat%20By%20Using%20Dynamic%20DNS%20Services&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=2077751310&gjid=714813012&cid=1208407939.1555331484&tid=UA-767980-6&_gid=165685825.1555331484&_r=1&gtm=2wg430NBSLLPJ&z=1704258321

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2019 12:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

id Show response
metrics.fortinet.com/
Redirect Chain

https://fortinetinc.sc.omtrdc.net/id?AQB=1&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by...
https://metrics.fortinet.com/id?AQB=1&vmr=true&&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-thre...

0
-1 B

3107ms
24ms

XHR
text/plain

172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.fortinet.com/id?AQB=1&vmr=true&&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: null
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 16 Apr 2019 12:31:27 GMT
Server: Omniture DC
xserver: www185
Content-Type: text/plain
Location: https://metrics.fortinet.com/id?AQB=1&vmr=true&&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Sun, 14 Apr 2019 12:31:27 GMT

Redirect headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 16 Apr 2019 12:31:27 GMT
Server: Omniture DC
xserver: www185
Location: https://metrics.fortinet.com/id?AQB=1&vmr=true&&vmh=metrics.fortinet.com&vmf=fortinetinc.sc.omtrdc.net&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=28845405408721225211483963256596660996&ts=1555331484023&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Sun, 14 Apr 2019 12:31:27 GMT

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 263 B
365 B 414ms
102ms Script
application/json 52.6.202.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb3&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&refDomain=www.fortinet.com&sop=true
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.202.37 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-202-37.compute-1.amazonaws.com
Software: /
Resource Hash: e9137b567d746930b37c2e96f7ead87c4ca5763d23b8c48bf5004fda47d1c82d

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 208
Content-Type: application/json

GET
H/1.1 200
OK arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
949 B 55ms
7ms Image
image/svg+xml 23.67.137.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.137.77 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-67-137-77.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Last-Modified: Fri, 04 Jan 2019 18:31:05 GMT
Server: AmazonS3
x-amz-request-id: 0163F18421DACD1D
ETag: "b55d8d2b9321e381a3c38a4bddb74037"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 565
x-amz-id-2: 8jJiqlKh2b3lHnxok3IzRGezuoyDDxdXXyKuWiW/txNQ3pFQpk7mgpRHvu4X21bKgCpU+1HbAQA=

GET
H/1.1 200
OK arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
949 B 63ms
8ms Image
image/svg+xml 23.67.137.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.137.77 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-67-137-77.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Last-Modified: Fri, 04 Jan 2019 18:31:05 GMT
Server: AmazonS3
x-amz-request-id: 25AF35FCA1CA0833
ETag: "9928d025bd5792b718ee0a185f62e67c"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 565
x-amz-id-2: dCLdKn3tqyYf73xYAQUSaaDmWFfnexgsyr3d9weFnmy16Czo0dkgZ132+KcPFu8T818B6DBtLKs=

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&hostname=www.fortinet.com&location=%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services...
https://l.sharethis.com/sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services....

0
-1 B

62ms
9ms

XHR
text/html

3.120.53.177
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&sop=true
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.53.177 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-53-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Location: /sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&sop=true
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: https://www.fortinet.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 234
Stid: ZGAKmVy0eZwAAAASfwR3Aw==

Redirect headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Access-Control-Allow-Origin: https://www.fortinet.com
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&sop=true
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 234
Stid: ZGAKmVy0eZwAAAASfwR3Aw==

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 52 B
475 B 8ms
8ms XHR
text/plain 3.120.53.177
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAKmVy0eZwAAAASfwR3Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&sop=true
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.53.177 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-53-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fb240acaa79132a670848ebb86a3af9be094dcd13414ca843a821ecb3e879289

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Origin: https://www.fortinet.com

Response headers

Date: Mon, 15 Apr 2019 12:31:24 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.fortinet.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZGAKmVy0eZwAAAASfwR3Aw==
Access-Control-Allow-Headers: *
Content-Length: 52

GET
H2 200 / Show response
graph.facebook.com/ 233 B
598 B 146ms
119ms Script
text/javascript 2a03:2880:f01c:20e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&callback=window.__sharethis__.cb4

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5d6ec86ac499c76181fabaf6e7c4ef2ceb435d22c237bbb2e1e5dbeb94242576

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Mon, 15 Apr 2019 12:31:25 GMT
x-fb-rev: 1000602558
content-length: 152
pragma: no-cache
x-fb-debug: VNNDytfI6Qg/mMXBgQzTo9s27Hk0EqW2bNc8kLxyVAZivMZT4Spb1xrLO4TeuJbFQb0qrO3n1hqXNWOXVd6zBA==
x-fb-trace-id: CpGVycY9Mxn
etag: "c29a19f82b831347573ac16ff679defc2c201bdd"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A9vPOxVRdzQMoq3iKNLt3oD
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
fortinet.tt.omtrdc.net/m2/fortinet/mbox/ 96 B
203 B 39ms
23ms XHR
application/json 66.117.29.3
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://fortinet.tt.omtrdc.net/m2/fortinet/mbox/json?mbox=target-global-mbox&mboxSession=757a4fc836184e0790ad3990014b3f72&mboxPC=&mboxPage=66afb9ed065f4bcfa5a37990434a1c10&mboxRid=29301c9850524f3fb253630083d89e92&mboxVersion=1.6.4&mboxCount=1&mboxTime=1555331483676&mboxHost=www.fortinet.com&mboxURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=41B550114C718255-2DE108E5C44D379A&vst.trk=nsmetrics.fortinet.com&vst.trks=metrics.fortinet.com
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/4e56a4f921ab0baab5f89914672a3d541ff95762/mbox-contents-081c7224345c702ebcf6ef22d3b7449ec11ce42d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 6b9f3813ffcf62c0d671cf5dcd4d8b0787b96df15e2e49f6f5571a909b230173

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Origin: https://www.fortinet.com

Response headers

pragma: no-cache
date: Mon, 15 Apr 2019 12:31:24 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fortinet.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: 29301c9850524f3fb253630083d89e92

GET
H2 200 39852 Show response
api.opmnstr.com/v2/embed/ 162 KB
16 KB 398ms
185ms XHR
application/json 50.19.60.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.opmnstr.com/v2/embed/39852
Requested by: Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.60.226 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-50-19-60-226.compute-1.amazonaws.com
Software: Pagely Gateway/1.5.1 /
Resource Hash: 656e38474da55ec53979f90d892e70de7b11d70f61469dfed6371daa3e536ee3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Origin: https://www.fortinet.com

Response headers

x-user-agent: standard
content-encoding: gzip
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
status: 200
date: Mon, 15 Apr 2019 12:31:27 GMT
x-cache-status: HIT
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 45602

GET
H/1.1 200
OK 7OBVBCAQE5FHDPFEAD5T4D Show response
d.adroll.com/consent/check/ 40 B
200 B 145ms
28ms Script
application/javascript 54.247.81.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/7OBVBCAQE5FHDPFEAD5T4D?_s=11c19811fd0e9415110ad105a7c9800c
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.81.38 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-81-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
Server: nginx/1.14.1
Connection: keep-alive
Content-Length: 40
Content-Type: application/javascript

GET
H/1.1 200
OK id Show response
metrics.fortinet.com/ 49 B
526 B 130ms
26ms XHR
application/x-javascript 172.82.235.45
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.82.235.45 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

fortinet.com.ssl.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

37151279444afb5a0bf88761dbac3e0c89538df12f5788f831a18da98e46e6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: null
Accept-Encoding: gzip, deflate, br
Host: metrics.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CvVersion%7C3.4.0; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333346|PC#757a4fc836184e0790ad3990014b3f72.26_3#1618576286; mboxEdgeCluster=26
Connection: keep-alive
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC
xserver: www286
Vary: Origin
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15
Content-Length: 49
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK s22888447274653
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.10.0-D7QN/ 43 B
616 B 31ms
28ms Image
image/gif 172.82.235.45
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.10.0-D7QN/s22888447274653?AQB=1&ndh=1&pf=1&t=15%2F3%2F2019%2012%3A31%3A27%201%200&sdid=41B550114C718255-2DE108E5C44D379A&D=D%3D&mid=28845405408721225211483963256596660996&aamlh=6&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Abladabindi-remains-a-constant-threat-by-using-dynamic-dns-services&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&events=event3&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&v3=%2B1&c7=Entire%20Site&c8=New&v25=28845405408721225211483963256596660996&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Abladabindi-remains-a-constant-threat-by-using-dynamic-dns-services&v35=Enabled&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&AQE=1

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.82.235.45 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

fortinet.com.ssl.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: metrics.fortinet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Cookie: check=true; AMCVS_ED8739F75677FE917F000101%40AdobeOrg=1; _ga=GA1.2.1208407939.1555331484; _gid=GA1.2.165685825.1555331484; _gat_UA-767980-6=1; mbox=session#757a4fc836184e0790ad3990014b3f72#1555333346|PC#757a4fc836184e0790ad3990014b3f72.26_3#1618576286; mboxEdgeCluster=26; AMCV_ED8739F75677FE917F000101%40AdobeOrg=1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CMCAID%7CNONE%7CvVersion%7C3.4.0; s_getNewRepeat=1555331487420-New; s_cc=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 16 Apr 2019 12:31:27 GMT
Server: Omniture DC/2.0.0
xserver: www269
ETag: "3340048935639121920-5573381734726108758"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Sun, 14 Apr 2019 12:31:27 GMT

GET
H/1.1 200
OK consent.js Show response
s.adroll.com/j/ 67 KB
15 KB 45ms
44ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4983cd18419e417077dcc013922828394049ce6c65db6a782d2d73f225d46089

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: yvF3y5OARyGYjZyuW4BqgiCbPvLhhPrH
Content-Encoding: gzip
x-amz-request-id: 7EBD99F69567301D
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 15 Apr 2019 12:31:27 GMT
Connection: keep-alive
Content-Length: 15051
x-amz-id-2: ZAMLcakp6pamVvhjTbjoBOeKm/lFBqsh3HyHLH8XDul6YO1D/T5bOMFfxhZ5XZIR3NTSb8PhK6U=
Last-Modified: Thu, 06 Dec 2018 16:37:43 GMT
Server: AmazonS3
ETag: "53cd26585ff224c6851303016ec98536"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK hod
d.adroll.com/consent/ 42 B
264 B 34ms
34ms Image
image/gif 54.247.81.38
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/consent/hod?_e=view_banner&_s=11c19811fd0e9415110ad105a7c9800c&_b=626d9f6089ce68&_a=7OBVBCAQE5FHDPFEAD5T4D
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.81.38 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-81-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 15 Apr 2019 12:31:27 GMT
Cache-Control: no-transform,public,max-age=300,s-maxage=900
Server: nginx/1.14.1
Connection: keep-alive
Content-Length: 42
Vary: Cookie
Content-Type: image/gif

GET
H2 200 / Show response
px.ads.linkedin.com/collect/ 0
94 B 155ms
154ms Script
application/javascript 2620:119:50e0:105::6cae:b15
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1555331487521&pid=7120&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html&fmt=js&s=1
Requested by: Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e0:105::6cae:b15 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 15 Apr 2019 12:31:27 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-ltx1
status: 200
x-li-proto: http/2
x-li-pop: prod-vmi1
content-type: application/javascript
content-length: 20
x-li-uuid: oU/4WL+llRUAv2q1GCsAAA==

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fortinet.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-19 04:21:23	Name: demdex Value: 29188430682563054251449660592038027916
.fortinet.com/	1970-01-19 02:11:47	Name: s_getNewRepeat Value: 1555331487420-New
.fortinet.com/	1970-01-19 00:02:13	Name: mboxEdgeCluster Value: 26
www.fortinet.com/	1970-01-23 00:00:45	Name: _omappvp Value: J5EuvJpEisJIEkzkmX40a4SndtCWn9ps7EGUb1FKQUjBDEezXovOBArX3TsJBq4VqQNfEpDbahgIxe2J6QShulqrJZWyHDUF
www.fortinet.com/	1969-12-31 23:59:59	Name: st_shares_https://www.fortinet.com/blog/threat-research/bladabindi-remains-a-constant-threat-by-using-dynamic-dns-services.html Value: [object Object]
.fortinet.com/	1970-01-19 17:36:16	Name: mbox Value: session#757a4fc836184e0790ad3990014b3f72#1555333346\|PC#757a4fc836184e0790ad3990014b3f72.26_3#1618576286
.fortinet.com/	1970-01-19 00:02:11	Name: _gat_UA-767980-6 Value: 1
.fortinet.com/	1970-01-19 17:33:23	Name: _ga Value: GA1.2.1208407939.1555331484
www.fortinet.com/	1970-01-19 17:33:23	Name: _sdsat_mcvID Value: 28845405408721225211483963256596660996
.fortinet.com/	1969-12-31 23:59:59	Name: AMCVS_ED8739F75677FE917F000101%40AdobeOrg Value: 1
www.fortinet.com/	1970-01-19 00:02:12	Name: _omappvs Value: 1555331487156
.fortinet.com/	1970-01-19 00:03:37	Name: _gid Value: GA1.2.165685825.1555331484
.adobedtm.com/	1970-01-19 02:11:47	Name: _fbp Value: fb.1.1555331484211.934577136
.fortinet.com/	1970-01-19 17:34:49	Name: AMCV_ED8739F75677FE917F000101%40AdobeOrg Value: 1994364360%7CMCIDTS%7C18002%7CMCMID%7C28845405408721225211483963256596660996%7CMCAAMLH-1555936283%7C6%7CMCAAMB-1555936283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1555338683s%7CNONE%7CMCSYNCSOP%7C411-18009%7CMCAID%7CNONE%7CvVersion%7C3.4.0
.fortinet.com/	1969-12-31 23:59:59	Name: check Value: true
www.fortinet.com/blog/threat-research	1969-12-31 23:59:59	Name: __sharethis_cookie_test__ Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	warning	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [object Object]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: console.groupEnd
console-api	warning	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [object Object]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: console.groupEnd
console-api	warning	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [OptinMonster]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: [object Object]
console-api	log	URL: https://a.optmnstr.com/app/js/api.min.js(Line 2) Message: console.groupEnd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.optmnstr.com
api.opmnstr.com
assets.adobedtm.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cm.everesttech.net
count-server.sharethis.com
d.adroll.com
dpm.demdex.net
fortinet.demdex.net
fortinet.tt.omtrdc.net
fortinetinc.sc.omtrdc.net
graph.facebook.com
l.sharethis.com
metrics.fortinet.com
platform-api.sharethis.com
platform-cdn.sharethis.com
px.ads.linkedin.com
s.adroll.com
sjs.bizographics.com
www.fortinet.com
www.google-analytics.com
www.googletagmanager.com
104.109.70.8
13.56.220.180
172.82.228.19
172.82.235.45
2.16.186.146
2.18.232.23
2.18.233.40
23.111.9.217
23.67.137.77
2620:119:50e0:105::6cae:b15
2a00:1450:4001:816::2008
2a00:1450:4001:818::200e
2a02:26f0:10e:2b0::3adf
2a03:2880:f01c:20e:face:b00c:0:2
3.120.53.177
34.242.238.135
50.19.60.226
52.214.222.48
52.51.131.19
52.6.202.37
54.183.57.55
54.247.81.38
66.117.28.86
66.117.29.3
92.122.254.10
09ae9b1eba67a297656d8a0e526fffcef77f2a17363bbf9e9efe5e2cdb8b0265
14045a87db31f2215dd685d617185753d9f1e5f2bbfa65c6b9212d3630fa94ae
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1fc6c774b7e75c84d68b655ce9db6402436b9bef9f80d0da6ed98453e6dc2a63
219de732daf746c6612afd5079fc0c8b80e9efd2bd6980492b3c25d607af72cd
24038492cb3d19fef34ce0a9bc55033f3030c04eeea97a93c22b2ec8914c1316
32d90f9a5ebbb1d07a21f26bbbc35b083833c257a2ff7e2db0c87f91a9465c1d
37151279444afb5a0bf88761dbac3e0c89538df12f5788f831a18da98e46e6a4
3b7cad56d10552afbb25f5b662440df914b0e257b10395c65a1a324f87ba48fb
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
454a99c30d51e5436d9d641417f02d64e218fa9b8afa3fda81ee0199501175bf
4983cd18419e417077dcc013922828394049ce6c65db6a782d2d73f225d46089
4d4ed9c7f5710fc0c91774a4374f2ef9765a827ebed616a38b859e65712512fd
569c048e348b45041647af89e72b89595c36f226be6576296ab3cb071d660c3f
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5d6ec86ac499c76181fabaf6e7c4ef2ceb435d22c237bbb2e1e5dbeb94242576
5feba58cf82d3a34d79d4e82914c9eda612f41415b21b98aefdafcb4f500f14b
5fee2e4d475a84eaf085970002839a30e85cf9a7e73f37c819c025fa253d3faa
604ae5068c06ac47597ed7e1c587a0ce7d8ff6e8174a979b285169f1b3277016
6159cfdf171aa1850984070f415e8bfac0bde40ee17d3ff8175662fbd514e2db
63d6e74d32f24a0f4065b1d21da312aaab2c1a5c946bbf98f31f685ff922dea4
656e38474da55ec53979f90d892e70de7b11d70f61469dfed6371daa3e536ee3
68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0
6b9f3813ffcf62c0d671cf5dcd4d8b0787b96df15e2e49f6f5571a909b230173
6d73aa32774fb131ebbc1faf3f931aaf66e998f808757cbafbcc737f8d769580
6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4
7f0daa7591ef2b42b26dd9d39102440c242e7fd798e7898a620e5489d67ec73e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c6103aabd94bf4584fbdd8b15cb68c08fa52f43dc229ac034a1bf6c855c0bc
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ab80453aa5154fbc34f2e9e0268545173db8a0d1a483c0e4818733900abcabbc
ace24460b71b4fcc5700f129eac6c255c60b5db925e9bf24cc39458df56c481e
ae9b55edb092b0e3636552bc0edfba415a21377b9f33fd2246167871a8358e7f
bc81009998d11cfb4a83fc0d14ef5dd8c8f82af920ac78b0a80a2956f332c9a3
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bf37dba5836581c0cc0451edd5c197e46a5a0e070b3f696e5b4bf7e32da1817a
cafcb6a7aa8096fd2bb897347191feb0f20b743ddf418dc551059b39954b82a7
d1d899dca1ded276d37d51ae5c9419a8c40c54e27ed16bd02f97a8e519eff1d2
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9137b567d746930b37c2e96f7ead87c4ca5763d23b8c48bf5004fda47d1c82d
eb6058ea8eec777d07e89407b55de7990eb296b3f5a5ee4a6b04c71d3c129c42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f313e550618ea7fb80135b5fac2ed426a2e1c6e19f15b383d3a5e51ad3dc2396
f8919e9e7bdfe96d935b1dc4ed107be1868c0403198a7c2fc78faf6aae5f9efa
fb240acaa79132a670848ebb86a3af9be094dcd13414ca843a821ecb3e879289
fb5776c130a6fec55aeb39b1a8980450d89095844d2662b06f0111a5895d250f

www.fortinet.com Open in urlscan Pro 13.56.220.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

20 %IPv6

15 Domains

23 Subdomains

25 IPs

4 Countries

1182 kBTransfer

2183 kBSize

17 Cookies

12 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fortinet.com Open in urlscan Pro
13.56.220.180 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

20 %
IPv6

15
Domains

23
Subdomains

25
IPs

4
Countries

1182 kB
Transfer

2183 kB
Size

17
Cookies

57 HTTP transactions
1 data transactions