URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Submission: On May 05 via api from CA — Scanned from CA

Summary

This website contacted 66 IPs in 4 countries across 54 domains to perform 160 HTTP transactions. The main IP is 44.199.160.6, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fortinet.com. The Cisco Umbrella rank of the primary domain is 147909.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 15th 2022. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
*.fortinet.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-15 - 2023-04-15 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year
cdn.bc0a.com | GTS CA 1D4 | 2022-03-14 - 2022-06-12 | 3 months
marvel-cdn.bc0a.com | Amazon | 2022-03-11 - 2023-04-09 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
*.6sc.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-08 - 2023-03-11 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-03 - 2023-04-04 | a year
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year
www.bing.com | Microsoft RSA TLS CA 01 | 2022-03-16 - 2022-09-16 | 6 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
a.clarity.ms | Microsoft RSA TLS CA 01 | 2021-07-27 - 2022-07-27 | a year
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year
a.opmnstr.com | R3 | 2022-04-30 - 2022-07-29 | 3 months
*.6sense.com | Amazon | 2021-06-09 - 2022-07-08 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
a.omappapi.com | R3 | 2022-04-30 - 2022-07-29 | 3 months
api.opmnstr.com | Amazon | 2022-02-09 - 2023-03-10 | a year
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
pixels.argusplatform.com | R3 | 2022-04-12 - 2022-07-11 | 3 months
s.adroll.com | Amazon | 2021-08-02 - 2022-08-31 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
*.ml314.com | GoGetSSL RSA DV CA | 2022-03-29 - 2023-03-29 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-02-12 - 2022-05-13 | 3 months
*.mountain.com | Go Daddy Secure Certificate Authority - G2 | 2021-05-20 - 2022-06-21 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
*.inzynk.io | Sectigo RSA Domain Validation Secure Server CA | 2022-01-07 - 2023-01-07 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
adroll.mgr.consensu.org | Amazon | 2021-09-09 - 2022-10-08 | a year
*.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
www.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
*.google.ca | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months

This page contains 7 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Frame ID: 33E30CB558A22BB2CE8A3B7B6A4632EC
Requests: 154 HTTP requests in this frame

Frame: https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: 479F0F45626BF502561247B78CF32A4D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 10537FECB41E6BD29289E2111D70A8B5
Requests: 1 HTTP requests in this frame

Frame: https://10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344
Frame ID: FFF26244D3E52697C88DDD0D62DF1AA5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Frame ID: 1831F83D1272838929A4EA9404C6AFE5
Requests: 1 HTTP requests in this frame

Frame: https://10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Frame ID: 00EC5FE04C8025976F503B6ABECF7F7E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5E2F6C04EB7BA7C5103FF8E25A0BE290
Requests: 1 HTTP requests in this frame

Page Title

An Overview of the Increasing Wiper Malware Threat | FortiGuard Labs

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

Requests: 160
HTTPS: 79 %
IPv6: 25 %
Domains: 54
Subdomains: 84
IPs: 66
Countries: 4
Transfer: 1542 kB
Size: 4468 kB
Cookies: 114

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 144
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertisable=7OBVBCAQE5FHDPFEAD5T4D HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Request Chain 145
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertisable=7OBVBCAQE5FHDPFEAD5T4D HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 146
  • https://d.adroll.com/cm/x/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertisable=7OBVBCAQE5FHDPFEAD5T4D HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Request Chain 147
  • https://d.adroll.com/cm/g/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertisable=7OBVBCAQE5FHDPFEAD5T4D&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mg2nBTQ1z_9gSB3qv61DDg HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 148
  • https://marvel-b1-cdn.bc0a.com/f00000000216283/px.ads.linkedin.com/collect/?pid=2148604&fmt=gif HTTP 302
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000216283&url=https://px.ads.linkedin.com/collect/?pid=2148604&fmt=gif HTTP 307
  • https://px.ads.linkedin.com/collect/?pid=2148604&fmt=gif HTTP 302
  • https://px4.ads.linkedin.com/collect?pid=2148604&fmt=gif&e_ipv6=AQJEMgKoQMORUAAAAYCV64emq1oU90LkEW0Px7fh4wlqOmcLs-BEBmTJDzLUzjWIbHQyqG1D HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
Request Chain 153
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=53ba35c5-ccb2-11ec-a184-31655845281d&gdpr=&gdpr_consent= HTTP 302
  • https://px.steelhousemedia.com/tdsync?tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&shguid=53ba35c5-ccb2-11ec-a184-31655845281d
Request Chain 154
  • https://insight.adsrvr.org/track/evnt/?adv=6s0zaeu&ct=0:0bi0elf&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDVlMTZiOWYtOTRhMy00MDk3LWFjOWQtZDlkYzg4YzFmYjMz&gdpr=0&gdpr_consent=&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&google_gid=CAESEKAlm9n9sVKDcX74Ae8w038&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5892764131157033391&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33 HTTP 302
  • https://tags.bluekai.com/site/5386?id=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

160 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request the-increasing-wiper-malware-threat
www.fortinet.com/blog/threat-research/
62 KB
27 KB
Document
General
Full URL
https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-160-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e372fb1274ae488f1ca7ac0f4eef4f20f7b67cf809916cf928f6c053cdbf7504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
26947
Content-Type
text/html;charset=utf-8
Date
Thu, 05 May 2022 20:31:19 GMT
ETag
W/"f7de-5de499fdb9bcb-gzip"
Last-Modified
Thu, 05 May 2022 20:31:19 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Dispatcher
dispatcher2uswest1
X-Frame-Options
SAMEORIGIN
X-Vhost
publish
X-XSS-Protection
1; mode=block
clientlib-base.min.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/
217 KB
27 KB
Stylesheet
General
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.css?v=1
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-160-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9af0506f7d0221d9049280d06c6af4bc060a54a9657bbdef66bc3e85b8d00904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Dispatcher
dispatcher2uswest1
Date
Thu, 05 May 2022 20:31:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
publish
Connection
keep-alive
Vary
Accept-Encoding,User-Agent
Content-Length
27089
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 29 Apr 2022 21:06:27 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"3628c-5ddd16a6d3ac0-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=684000, public
Accept-Ranges
bytes
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
g2v9xMx/aUUS06TIQnKQZA==
age
8779
vary
Accept-Encoding
content-length
6830
x-ms-lease-status
unlocked
last-modified
Mon, 02 May 2022 19:32:14 GMT
server
cloudflare
etag
0x8DA2C7276249B5F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
72dd57ed-a01e-009c-1e75-5ea35b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d33ec64713f-YUL
marvel.js
marvel-b2-cdn.bc0a.com/
9 KB
4 KB
Script
General
Full URL
https://marvel-b2-cdn.bc0a.com/marvel.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.125.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:47:46 GMT
content-encoding
gzip
age
2613
x-guploader-uploadid
ADPycdv0rDMnxVDqW9A3VYiLQAzkMdxTkU3MqM8ZWbf_twW2HPBswq3Iq_icviIjBS85tECzbk894kRq3vtFGMmmFjtuQckYW0jR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3217
last-modified
Wed, 01 Sep 2021 18:16:49 GMT
server
UploadServer
etag
"5a385b6f8bc7f4775b2ec7b66c0ec4c2"
vary
Accept-Encoding
x-goog-hash
crc32c=0X9o7A==, md5=Wjhbb4vH9HdbLse2bA7Ewg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1630520209881243
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3217
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 05 May 2022 20:47:46 GMT
fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/
32 KB
3 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-160-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Dispatcher
dispatcher2uswest1
Date
Thu, 05 May 2022 20:31:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
publish
Content-Disposition
attachment; filename="fortinet-logo-white.svg"
Connection
keep-alive
Vary
Accept-Encoding,User-Agent
Content-Length
1998
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 22 Feb 2018 23:16:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"7ebb-565d53a1d6e40-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=684000, public
Accept-Ranges
bytes
clientlib-base.min.js
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/
150 KB
69 KB
Script
General
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-160-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1e1a42cb75ebd81eb31850e485ef4c6e3667a45f57f778f249bca1f2852a97e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Dispatcher
dispatcher1uswest1
Date
Thu, 05 May 2022 20:31:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
publish
Connection
keep-alive
Vary
Accept-Encoding,User-Agent
Content-Length
70015
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 14 Jan 2021 20:18:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"25644-5b8e1f610c5c0-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=684000, public
Accept-Ranges
bytes
f85f39fc-d7aa-467a-b762-fbb722748016.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/f85f39fc-d7aa-467a-b762-fbb722748016.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a334f368b502d68bcaafb174022cfe21775f1744f0a1cd520d0c57d094a8e66a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ypNp2Paf3c+p42YUXiXMnA==
age
14197
vary
Accept-Encoding
content-length
1413
x-ms-lease-status
unlocked
last-modified
Fri, 12 Feb 2021 00:26:33 GMT
server
cloudflare
etag
0x8D8CEECD9FE5833
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d57e5650-b01e-00c7-6a15-b6a427000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d34982e7133-YUL
expires
Fri, 06 May 2022 00:31:19 GMT
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
wiper-malware-overview-hero.jpg
marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/
53 KB
54 KB
Image
General
Full URL
https://marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/wiper-malware-overview-hero.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:0:f267:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6f5e86f67513b9595f08907d56fbbccd06c04293a4218ba9125eadcb53be59f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B8FyUa25Cw2JoNZ.PFB6wxFprw9Q3KBZ
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
etag
"aaf62f023492877269e248a4646feb7a"
age
81194
x-cache
Hit from cloudfront
x-amz-request-id
7NSCG51ZSMPY6ZKJ
x-amz-id-2
LKwJIaqtwjcsaUBb7mh5ezpNXFT3evmArRBlVVt29E8mD8fxq7epiYpWjnCCLqdRdhNzRzlTs0w=
accept-ranges
bytes
last-modified
Fri, 29 Apr 2022 20:41:18 GMT
server
AmazonS3
date
Wed, 04 May 2022 21:58:06 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
content-length
54226
x-amz-cf-id
3t3I2AnAVN0xiMt9B6bEtdE9LJze7DU7kVYIHTWiYrp321yzpkMuJA==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
157 B
435 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
706c3d350f7aca47-YUL
access-control-allow-headers
Content-Type
analysis-of-new-agent-tesla-spyware-thumb.jpg.thumb.319.319.png
marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/analysis-of-new-agent-tesla-spyware-variant/
15 KB
16 KB
Image
General
Full URL
https://marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/analysis-of-new-agent-tesla-spyware-variant/analysis-of-new-agent-tesla-spyware-thumb.jpg.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:0:f267:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c00b9a9837d40b4c6208cce4bac48c4055d9d1b604f95f6506767a608b35bd95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-amz-request-id
D1FN827XA5F6P0Q8
x-cache
Miss from cloudfront
content-length
15746
x-amz-id-2
cChvtk5GbbeTu8feIfg/m351YB0lMU9RzQ+DtAtod5laObVZUPrMdlf4VBFvig28s2bmWWfaHU8=
last-modified
Fri, 29 Apr 2022 20:41:46 GMT
server
AmazonS3
etag
"5d715c0dc73e868201aa93f608218f80"
x-amz-version-id
5S_90U6cedLUSeDONdKvCGEnqI1O.yid
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/webp
x-amz-cf-id
Fucz5F2_rOVEv_2n0uaJtlEewJ36luNNuTOw0nM1cPCPjzjUJc6w3A==
an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability.png.thumb.319.319.png
marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/
25 KB
25 KB
Image
General
Full URL
https://marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability.png.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:0:f267:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c24d1a4e2e980244f1fe78ef87bb55e83c209ea993af58a9d3c8a53280a8a7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
6oDZpVOKW6xblpZOLu4Qwz_NFkN9iA3W
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
etag
"15d040f381abf57e2f5dedaaef9cfc56"
age
81194
x-cache
Hit from cloudfront
x-amz-request-id
7NS93J1FGCYMDVJN
x-amz-id-2
7SVPNzbPx+Wm+K3f/VRxy5KD+w1GyjN9ui9j6yrDc7ki+w+fgx5S1ZuKx4QjKe77sgx+RxURG8U=
accept-ranges
bytes
last-modified
Fri, 29 Apr 2022 20:41:14 GMT
server
AmazonS3
date
Wed, 04 May 2022 21:58:06 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
content-length
25526
x-amz-cf-id
hftgpwwxxC3nO6hibXfWxwsKheO8WAYVpjxSNR8EOwpGPy4KFhopFg==
elec1.png.thumb.319.319.png
marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/
25 KB
26 KB
Image
General
Full URL
https://marvel-b1-cdn.bc0a.com/f00000000216283/www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/elec1.png.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:0:f267:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b29b1388d9b4de4ac0d5ba8b5c171174485de67babfb8114c2ee80d793372501

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
GQOzBl27KqEoXXJr4wkleG4_vORfqpg0
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
etag
"355365f99f3ef55de87738cf968464a5"
age
27419
x-cache
Hit from cloudfront
x-amz-request-id
F4E5ZHHPJRRX7EQJ
x-amz-id-2
9Gei+GOyq1Dg+kfa/hf1twZncHXTz3c6maLG86Q5QuSDYK94blnlO/7h/fkRBE3Ofu7hmxN+NMA=
accept-ranges
bytes
last-modified
Fri, 29 Apr 2022 20:41:13 GMT
server
AmazonS3
date
Thu, 05 May 2022 12:54:21 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
content-length
25882
x-amz-cf-id
3OQi4pvj_igUBs1oOFiCdt5YR4dCNauw49vRGs1W3jTl_BhuhxSNDw==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/
356 KB
78 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bh9exWOPGIwRshWljrtlEw==
age
17187794
vary
Accept-Encoding
content-length
79698
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:43:00 GMT
server
cloudflare
etag
0x8D89735260901BC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28487d86-701e-0130-706c-c4c499000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d354e89713f-YUL
en.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/57752f14-619b-4b7d-972f-bd1ec966836f/
62 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/57752f14-619b-4b7d-972f-bd1ec966836f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e66cc74f5203b79cbaafeff9cb207526a880a840c21a471558f5faba8869e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XfYJP72jio3vj6b2/LnIHA==
age
13406
vary
Accept-Encoding
content-length
14399
x-ms-lease-status
unlocked
last-modified
Fri, 12 Feb 2021 00:26:41 GMT
server
cloudflare
etag
0x8D8CEECDEAF4D81
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9fd88eb5-001e-0074-1315-b65ea0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d3599c57133-YUL
expires
Fri, 06 May 2022 00:31:19 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
otFlat.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
13 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
W9e0YobmEbvdB0V9OmpQkw==
age
14181
vary
Accept-Encoding
content-length
3329
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:50 GMT
server
cloudflare
etag
0x8D89735209A34D6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a9d5ccba-301e-011e-7f6c-c4445e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d35da1d7133-YUL
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/
45 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zNsRoM1FEmsEgJoYMCNTng==
age
17187558
vary
Accept-Encoding
content-length
11755
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:53 GMT
server
cloudflare
etag
0x8D897352245C4EA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
077a373d-a01e-00f1-7a6c-c40975000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
706c3d35da217133-YUL
launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
assets.adobedtm.com/
369 KB
79 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bae0f2a1cb0912d7f4b4bb9f18f3e03026c34c3532de0652eefabc6015da3a4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:58 GMT
server
AkamaiNetStorage
etag
"58a43e1f12a35704f6b05d8582bbb9fb:1651682578.347377"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
80309
expires
Thu, 05 May 2022 21:31:20 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1651782680288
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1651782680288
367 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1651782680288
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Server
52.25.15.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-15-16.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fcd62b64dc9bcc692b198b6eb24cb9be42ca9537312bff72d8b4e0cf7a0f0e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0bfbc3fc6.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
qqwKOOy6Rk4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.fortinet.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
308
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v028-09d8f8446.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.fortinet.com
X-TID
1cxpPmZTSyc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1651782680288
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Thu, 05 May 2022 21:31:20 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1599
expires
Thu, 05 May 2022 21:31:20 GMT
6si.min.js
j.6sc.co/
27 KB
9 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
8575
Pragma
no-cache
Last-Modified
Thu, 07 Oct 2021 17:17:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615f2bb7-6a5f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 05 May 2022 20:31:20 GMT
obtp.js
amplify.outbrain.com/cp/
8 KB
3 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 12:30:38 GMT
Server
AkamaiNetStorage
ETag
"23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Thu, 05 May 2022 20:51:20 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 05 May 2022 20:31:20 GMT
x-host
s7.addthis.com
content-length
116423
RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
358 B
494 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8bc2cda291e24e7c33eb1df7a0c3063493ff4ac470a7f893668063fe4beec8b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
228
expires
Thu, 05 May 2022 21:31:20 GMT
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6F8D720BCB934570989E12A2E3FD1BAD Ref B: YTO01EDGE0816 Ref C: 2022-05-05T20:31:20Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Thu, 05 May 2022 20:31:20 GMT
accept-ranges
bytes
content-length
11333
RC4566551d215d44c4824ebf3d9d3f9e69-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
5 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC4566551d215d44c4824ebf3d9d3f9e69-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f369912bd823c1cf6da7363090ff7bff3dcdadcaba6bc80877f8a25a70049d86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1341
expires
Thu, 05 May 2022 21:31:20 GMT
RC52075bdc49924bc1a58a4118ed15476d-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
1 KB
803 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC52075bdc49924bc1a58a4118ed15476d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b2a701d65b9123b5942f52b5b921db8d119777961c2652fc1ed0907f42a896c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
536
expires
Thu, 05 May 2022 21:31:20 GMT
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00ad3119690e692fd6990245f9741ea8f1
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
X-TraceId
18f3e853567c6b441810c79784d6771b
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00ad3119690e692fd6990245f9741ea8f1&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&optOut=false&bust=02668703560651995
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
Cache-Control
no-cache
X-TraceId
5bcf327ebca8f7355ea99468eaf0f395
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
17532650.js
bat.bing.com/p/action/
1 KB
1 KB
Script
General
Full URL
https://bat.bing.com/p/action/17532650.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc9d48a549664bff408d8b0536d699760506e694a003040ce606fcbaee7784c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BCFF73ED743F4E65A1DCC014B834EC16 Ref B: YTO01EDGE0816 Ref C: 2022-05-05T20:31:20Z
date
Thu, 05 May 2022 20:31:20 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
909
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17532650&tm=al001&Ver=2&mid=9ad66afc-21d4-4f51-86e4-44a687e1538c&sid=52a03790ccb211ecb83a8143e52d2f5a&vid=52a07940ccb211ec81bc2fa4a7ebedd8&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&kw=Threat%20Research,malware,wiper%20malware&p=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&r=&lt=1100&pt=1651782678856,,,,,0,2,139,139,210,162,210,756,779,760,1087,1087,1100,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=355129
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17217C2ECD054F1491E5B4FF736A8524 Ref B: YTO01EDGE0816 Ref C: 2022-05-05T20:31:20Z
date
Thu, 05 May 2022 20:31:20 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidj
secure.adnxs.com/
11 B
704 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 May 2022 20:31:20 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7b2bb97a-6330-41ca-b612-455f6c645b61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.fortinet.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
47 B
372 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d7b2c577a4b1fe6979f27eb7a40655eca03a86a1cf7f28fb4bb7a60fc7099bee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.fortinet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
clarity.js
d.clarity.ms/s/0.6.35/
53 KB
23 KB
Script
General
Full URL
https://d.clarity.ms/s/0.6.35/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17532650.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
br
etag
"1d85e80e187b365"
last-modified
Tue, 03 May 2022 00:01:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
23088
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&session=0684c099-e137-406e-8181-266ab1c609de&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A20%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:20 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3BDAE1FAB05E52F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11379
accept-ranges
bytes
content-length
948
x-amz-id-2
JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=
api.min.js
a.opmnstr.com/app/js/
193 KB
54 KB
Script
General
Full URL
https://a.opmnstr.com/app/js/api.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
b77f6fa10a82b4f583ce0ad71b79b0522b7bf784b63b7a6e6aa4256facc586ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-266
cdn-cachedat
04/12/2022 15:55:54
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-NY1-885
access-control-allow-origin
*
last-modified
Tue, 12 Apr 2022 15:54:24 GMT
cdn-proxyver
1.02
cdn-fileserver
267
etag
W/"6255a0b0-3027e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
1b4278152350d03b589f24accb4aa4e4
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
details
epsilon.6sense.com/v3/company/
445 B
432 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-37.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6ec3eaa960374bd8df144b340b0208053e7ca3e1b93278f533882c5a649a8eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
Authorization
Token 82f0c18bd0395219670f57108eb160f3273629b2
EpsilonCookie
31ec3817894a0000183474629d010000364eba01

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.fortinet.com
access-control-allow-credentials
true
content-length
246
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-37.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,epsiloncookie
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,epsiloncookie
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.fortinet.com
access-control-max-age
1800
date
Thu, 05 May 2022 20:31:20 GMT
server
nginx
dest5.html
fortinet.demdex.net/ Frame 479F
7 KB
3 KB
Document
General
Full URL
https://fortinet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.150.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-150-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v028-0a33b272e.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Xw1VcTL1TYg=
content-encoding
gzip
date
Thu, 5 May 2022 20:31:20 GMT
last-modified
Wed, 27 Apr 2022 09:30:02 GMT
vary
accept-encoding
id
metrics.fortinet.com/
48 B
510 B
XHR
General
Full URL
https://metrics.fortinet.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&mid=66203453230830318842289147603712101961&ts=1651782680704
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.120 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
jag /
Resource Hash
fb2e52dbdcd26b1d05506fe43f9db4efe53072dbab0d46a36a8a68eb7931a1ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-74c9f5b556-wdjdq
vary
Origin
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.fortinet.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YnQ0GAAAAI9bsQQN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=65859722852126076842252518367985430465
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0GAAAAI9bsQQN
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0GAAAAI9bsQQN
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Server
52.25.15.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-15-16.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-0e9861164.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
s4jrcw5dQPc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0GAAAAI9bsQQN
Date
Thu, 05 May 2022 20:31:20 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
collect
d.clarity.ms/
0
71 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.fortinet.com
date
Thu, 05 May 2022 20:31:20 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
api.min.css
a.omappapi.com/app/js/
18 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-266
cdn-cachedat
04/12/2022 15:55:54
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-NY1-885
access-control-allow-origin
*
last-modified
Tue, 12 Apr 2022 15:54:23 GMT
cdn-proxyver
1.02
cdn-fileserver
266
etag
W/"6255a0af-464c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
44739d6810f086580732232f9bc56bcd
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
39852
api.omappapi.com/v2/embed/
15 KB
3 KB
XHR
General
Full URL
https://api.omappapi.com/v2/embed/39852?d=fortinet.com
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.73.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-73-71.bos50.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
eff43e49142db1ab1ae6fee352b06a5db407ef4c4b88b5c21398a5e5b2020ace

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
BOS50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
45602
x-user-agent
standard--
last-modified
Thu, 24 Mar 2022 18:42:42 GMT
server
Pagely Gateway/1.5.1
etag
W/"6c16765a57d4b0ea0ebc93a9a30a9899"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 2c28bd71299b5e0e8f627feeec6c9f2a.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin
*
x-amz-cf-id
cwCNFtmLBRY83zX9NUt_9vCHIoPawMGuOkBfxN1FCirv6YgXMVPFzg==
expires
Thu, 05 May 2022 20:28:30 GMT
hotjar-1178304.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1178304.js?sv=6
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-19.jfk51.r.cloudfront.net
Software
/
Resource Hash
99d90c064e4865370c35da3d8d96f34453e6d0d10b73e98e5819b613e22f5f70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
4
etag
W/a4095b0b6eb5dbd8b6e4ca587ee30374
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
GpO8PaNrT8dC-wlE4HBCLbUeyCVK4tt2_XdjLd424E9ePZ7FpJFHYQ==
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
wid.tracker.js
www.argusplatform.com/js/
Redirect Chain
  • https://argusplatform.com/js/wid.tracker.js
  • https://www.argusplatform.com/js/wid.tracker.js
6 KB
2 KB
Script
General
Full URL
https://www.argusplatform.com/js/wid.tracker.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Server
52.211.91.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-91-250.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
6fe9f9f7b377dc96c8b87655739234ae33479d20c2d8993f4ab01d3d8e4adb2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 07:14:47 GMT
server
Kestrel
etag
"1d85f86a2dbd4f3-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2323

Redirect headers

location
https://www.argusplatform.com/js/wid.tracker.js
date
Thu, 05 May 2022 20:31:21 GMT
server
Apache/2.4.29 (Ubuntu)
content-length
338
content-type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/
104 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60d3342c40370093c05240eb2015f3c345504c7838ef1db37b028d50b58cd1a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40765
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:20 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6447
date
Thu, 05 May 2022 18:43:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 05 May 2022 20:43:54 GMT
db47f52161b8e7dba7abfccf1efb8531-optin.json
a.omappapi.com/app/campaign-views/df0603609574/b2dxtopzidsdt3fkzfsv/
21 KB
4 KB
XHR
General
Full URL
https://a.omappapi.com/app/campaign-views/df0603609574/b2dxtopzidsdt3fkzfsv/db47f52161b8e7dba7abfccf1efb8531-optin.json
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
05c6b444e68f8b6d629346c8dc315664816ec743143e4e3c60c654ee92b88f70

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
DE-167
cdn-cachedat
03/25/2022 02:59:43
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-NY1-885
access-control-allow-origin
*
last-modified
Wed, 23 Mar 2022 18:18:30 GMT
cdn-proxyver
1.02
cdn-fileserver
324
etag
W/"623b6476-5395"
vary
Accept-Encoding
content-type
application/json
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
e369ab67d3bdc36d8ea344b2b762d900
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
modules.5107f832d0ffac1bd5aa.js
script.hotjar.com/
238 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.5107f832d0ffac1bd5aa.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1178304.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-110.jfk51.r.cloudfront.net
Software
/
Resource Hash
b420ab4da31c0bbba899c91b4d4b239d852288d430d28925375d0929a2719320
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
34275
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63396
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 10:59:31 GMT
etag
"c3dddda04be98988fd65482e1048e141"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1T2I9qmwDOqi12WI2LYUMz7iSGt2WscchtafHsyXd22Cl4WmKIsTow==
s23487007721401
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.22.4-LCS4/
43 B
352 B
Image
General
Full URL
https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.22.4-LCS4/s23487007721401?AQB=1&ndh=1&pf=1&t=5%2F4%2F2022%2020%3A31%3A20%204%200&mid=66203453230830318842289147603712101961&aamlh=9&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Athe-increasing-wiper-malware-threat&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Athe-increasing-wiper-malware-threat&v35=Enabled&v101=Not%20Identified&v102=Not%20Identified&v103=Not%20Identified&v104=Not%20Identified&v105=Not%20Identified&v106=Montreal&v107=Quebec&v108=Canada&v109=Not%20Identified&v110=Not%20Identified&v111=Not%20Identified&v112=Not%20Identified&v113=Not%20Identified&v126=Low&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&AQE=1
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.120 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 06 May 2022 20:31:21 GMT
server
jag
xserver
anedge-5d858857d8-lbf8j
etag
3547176298451828736-4619883336062018494
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 04 May 2022 20:31:21 GMT
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 1053
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1178304.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-14.ewr53.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
15402333
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Nov 2021 14:05:48 GMT
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
AD2RKOvUJr90u3_bBDoNi4u-VR9LSs-nzKRlk8iK21ZN_sgjbqS3tw==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=610495840&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&ul=en-us&de=UTF-8&dt=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=653559735&gjid=467422514&cid=1478234246.1651782681&tid=UA-767980-1&_gid=1402674599.1651782681&_r=1&gtm=2ou540&z=193151283
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fortinet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
96a4431f801d1648059204-ciso.jpg
a.omappapi.com/users/df0603609574/images/
35 KB
35 KB
Image
General
Full URL
https://a.omappapi.com/users/df0603609574/images/96a4431f801d1648059204-ciso.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
e578d376143ed289b48dbdfefab47fbf1e69d213fcd55cd35e0cf74d93631310

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
DE-197
cdn-cachedat
03/23/2022 19:29:59
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
35528
server
BunnyCDN-NY1-885
access-control-allow-origin
*
last-modified
Wed, 23 Mar 2022 18:15:57 GMT
cdn-proxyver
1.02
cdn-fileserver
320
etag
"623b63dd-8ac8"
content-type
image/jpeg
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestpullcode
200
cdn-requestid
582c94fab950c0663a26b74f6b38669b
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
visit-data
in.hotjar.com/api/v2/client/sites/1178304/
147 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1178304/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5107f832d0ffac1bd5aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.126.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-126-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8

Request headers

Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
96a4431f801d1648059204-ciso.jpg
marvel-b1-cdn.bc0a.com/f00000000216283/a.omappapi.com/users/df0603609574/images/
18 KB
18 KB
Image
General
Full URL
https://marvel-b1-cdn.bc0a.com/f00000000216283/a.omappapi.com/users/df0603609574/images/96a4431f801d1648059204-ciso.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:0:f267:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b4df9304313441b440457afe4adb4e58b84b991730a01218eaf147c2900542a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
GbrEA42tt4DoWQaIWFSovKCmx62.5tMe
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
etag
"03cc7945fd80eff152446f337e3927d2"
age
77537
x-cache
Hit from cloudfront
x-amz-request-id
NP4DJ480SG86Q06N
x-amz-id-2
T4/gTnCwpHPX5aUR3664kF+3fncE9//lZH7D6xrsNcafnT8eyHGJC95uyuVwTc2YhZHgHZdZ854=
accept-ranges
bytes
last-modified
Fri, 29 Apr 2022 20:34:33 GMT
server
AmazonS3
date
Wed, 04 May 2022 22:59:05 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
content-length
18248
x-amz-cf-id
feZdQ4jmRnEUM9npcJlBbax9WJyNpt2H7iahMtOTZeNDc0lPeDr1xA==
RC5f9db9623fd940e99b1510f8b6c24885-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
922 B
797 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC5f9db9623fd940e99b1510f8b6c24885-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15bec52e13e4cc35f89fc5f9066d71996e9e08bc496b02d1ebfb75b023864109

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
530
expires
Thu, 05 May 2022 21:31:21 GMT
RCf7f107dbff1d4418b8440adaefff3dc0-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
847 B
743 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCf7f107dbff1d4418b8440adaefff3dc0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2cf115120e7474780b0a518ea807f121ebb277a5bbb3b86b7799329d4b899c5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
476
expires
Thu, 05 May 2022 21:31:21 GMT
RC5c60a51709a94068afbf065e1448b617-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
664 B
666 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC5c60a51709a94068afbf065e1448b617-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5491ca98ec4c04b695feb21b0594d16c995b896c9729f82bc4998033c0ca2a19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
400
expires
Thu, 05 May 2022 21:31:21 GMT
RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
819 B
768 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f3a23feb765a20d4d75794c49a6ffce6ed593c2e7773c740b3edb4f82c4423dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
502
expires
Thu, 05 May 2022 21:31:21 GMT
RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
1021 B
867 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
aa218ee63921815502ce66c0e3ae23219d02747b466e56180f215000f60c0e83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
601
expires
Thu, 05 May 2022 21:31:21 GMT
RC7be3d22b2fd6487ca9390477738587fe-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
819 B
767 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC7be3d22b2fd6487ca9390477738587fe-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
85aacb29871324d1ac901f0ca0860812a1d20932c540f0780e211ab74cae3a5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
501
expires
Thu, 05 May 2022 21:31:21 GMT
RC0b4c777e72784ff2a3ddfe5c5c91aa6f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
2 KB
1021 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC0b4c777e72784ff2a3ddfe5c5c91aa6f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5e345f597d5e2c09fc4337c1b6ebd8eaedf9e0703e5bc8a9d22f228e487c0cf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
754
expires
Thu, 05 May 2022 21:31:21 GMT
js
www.googletagmanager.com/gtag/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-662878185&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c663f37be6eaac4b70dff7d27c618732c667d0f96f09b08e337beac7af3b2a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44213
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
js
www.googletagmanager.com/gtag/
100 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10050195&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf6b0a97264d057e729e9e6995152f04babb6c2fd5c0a86f575dcc8db0978c7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40210
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
js
www.googletagmanager.com/gtag/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-609297413&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49fdf28873a2eb5f627492081131dbb97a4773d8603c8c1133d6cee8409451ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44212
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
js
www.googletagmanager.com/gtag/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-729495989&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f51798439fdb9b68d153f6ada3365a1220d7cdba9500ff1be8a80f7b35b69b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44213
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
js
www.googletagmanager.com/gtag/
150 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-767980-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2116496e5531a73295fd48a0dc24d2789a5da1fcb3723e5fc5311874643608f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57250
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
js
www.googletagmanager.com/gtag/
150 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17de8c87ce63c805d4d184cae60555f4b161a9679a900c367bf3b793e5aed002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57241
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
754 B
714 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fbee62ba61411045badf0009e041035b6fc7345965bfe4fdf924c3f0c79127ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
447
expires
Thu, 05 May 2022 21:31:21 GMT
RC50087428705b45feb485321e405537a0-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
1 KB
939 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC50087428705b45feb485321e405537a0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d166ca7fa82247a8f1be6b91565a1c3d2f772603184d0ca0873e3961a3bdb67f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
672
expires
Thu, 05 May 2022 21:31:21 GMT
RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
819 B
766 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b85b80b28ed34b45036bcb9e798e8b1a2ed45881166b12877438ba67b556ff11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
499
expires
Thu, 05 May 2022 21:31:21 GMT
RC3bae6526bab9473dbbab7449e16ead11-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
579 B
587 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC3bae6526bab9473dbbab7449e16ead11-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78590e4a88439feae66201052c7802ca5a18f1525fa37d7b48bd0dce0921b312

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
321
expires
Thu, 05 May 2022 21:31:21 GMT
RCf940460311f349b5af69d075bdef61d4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
368 B
501 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCf940460311f349b5af69d075bdef61d4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36f3c20f1d59fa29a00dbc20e6acc8eed155313db57bc90e7806b59812cdb898

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
234
expires
Thu, 05 May 2022 21:31:21 GMT
RCe61896415d84436c959b7a66783b3417-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
1 KB
817 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RCe61896415d84436c959b7a66783b3417-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0c249856f50498661dd329eced45d93b43f9895beb7b7a0c37a6df1a5cca0799

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
550
expires
Thu, 05 May 2022 21:31:21 GMT
RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/
966 B
817 B
Script
General
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/f4f56705f374/RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:480::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c06a5ebc732ce46b3b6b6741da871dea081b56656b9191fe77c4f1a685f05a6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 16:42:59 GMT
server
AkamaiNetStorage
etag
"e49fb89e9ff66f045dc93a3b8df3d124:1651682579.142585"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fortinet.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
550
expires
Thu, 05 May 2022 21:31:21 GMT
ipinfo
site.fortinet.com/utilservice/
202 B
779 B
Script
General
Full URL
https://site.fortinet.com/utilservice/ipinfo?site=fortinet.com&callback=jQuery220030729259639616546_1651782679933&_=1651782679934
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.45.36.159 Santa Clara, United States, ASN40934 (FORTINET, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
dd7b6e0ae7e246d8d97a90baadc52b3d740c464f1236b1331c7e5cd371c958ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fortinet.com *.myfortinet.com fortinet.my.salesforce.com;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.fortinet.com *.myfortinet.com fortinet.my.salesforce.com;
Server
nginx/1.20.2
Date
Thu, 05 May 2022 20:31:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Connection
keep-alive
Content-Length
202
Front-End-Https
on
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1A60D7CB121A4420AC78D41D9D505AC4&RedC=c.clarity.ms&MXFR=1513C060ED116CF70194D1FBE91162F5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1A60D7CB121A4420AC78D41D9D505AC4&MUID=264A2B663ED464843FA93AFD3FFE654B
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1A60D7CB121A4420AC78D41D9D505AC4&MUID=264A2B663ED464843FA93AFD3FFE654B
Protocol
H2
Server
20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:20 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F8B761A65EBF42C8B248E0E595633988 Ref B: YTO01EDGE0816 Ref C: 2022-05-05T20:31:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1A60D7CB121A4420AC78D41D9D505AC4&MUID=264A2B663ED464843FA93AFD3FFE654B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
pixels.argusplatform.com/wh/track/
33 B
286 B
XHR
General
Full URL
https://pixels.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1651782681358639931&event_type=page_request&timestamp=1651782681&page_title=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&page_url_referer=
Requested by
Host: argusplatform.com
URL: https://argusplatform.com/js/wid.tracker.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.251.139.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-139-24.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 May 2022 20:31:21 GMT
Server
Kestrel
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
js
www.googletagmanager.com/gtag/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631698094
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e86e3ef14320d1c04dfeeb9bffc0a6f754fae2a8cb373535b7da7dfee22da55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44193
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:31:21 GMT
roundtrip.js
s.adroll.com/j/
50 KB
16 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
HNfyhH5qmLK0DbB1EQ.ihnSY7i0OY2m4
Content-Encoding
gzip
Etag
W/"ca2ef7b6ff5ea3fd1c2fdd160e7243b2"
Age
82
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 06 Apr 2022 19:05:26 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 20:30:03 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
9_BTN7KAVhavv4J4JlofmBf2QaOiat1yMt4-ZToJXfIUZ0UU9KNH8A==
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:21 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=84982
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
tag.aspx
ml314.com/
31 KB
32 KB
Script
General
Full URL
https://ml314.com/tag.aspx?54
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:55:56 GMT
age
2125
x-guploader-uploadid
ADPycdu5RJteQ7gxVgJ2r-_h1TU2nfHhJcvhjpWgr2jH69UDGAwM2EzD_fbOTHqG9ZgFpSkCsb73ZdS7h-FOb5uiB6odjfT2aIT5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32025
last-modified
Mon, 04 Apr 2022 15:43:44 GMT
server
UploadServer
cache-control
public,max-age=3600
etag
"25b1f355dd487bdf5381a749056080c4"
x-goog-hash
crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation
1649087024620619
cache-id
YUL-62c5aa93
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
bytes
content-type
application/javascript
uwt.js
static.ads-twitter.com/
28 KB
10 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.208.157 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 16:06:31 GMT
etag
"1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
9561
x-served-by
cache-iad-kiad7000103-IAD, cache-ewr18181-EWR
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
JTBW/11FNNvFFaw8iPEuS8FJwCXWSfaf5wHy1kRzQnNWIFGKdMfcoQNRSM6X/N9QcDy6a12joaoqwjgtDyNbTA==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 05 May 2022 20:31:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
spx
dx.mountain.com/
13 KB
4 KB
Script
General
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32336&tdr=&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cb=69845348067201990term=value
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.240.152.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-152-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
85b5653ec5cb1d38fa3bf90a41ecaacab451beda767ca013fe3fce86510b27d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
connection
close
content-type
application/javascript;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344
10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/ Frame FFF2
Redirect Chain
  • https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_chi...
  • https://10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-t...
640 B
485 B
Document
General
Full URL
https://10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344?
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
9bcd9865a41a36d068a4a4c72620082c4c78594ba88fe6e78c9be3cfcd000610
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iztag.js
tags.inzynk.io/0ulh3gex/
2 KB
2 KB
Script
General
Full URL
https://tags.inzynk.io/0ulh3gex/iztag.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:1e00:12:dfa9:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ae57033e6e74caec49102dd8690a0dd15687d66611d4b924c6dadb3128c89b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 10:56:51 GMT
via
1.1 bbbec21cefbb98d3e62a68704f219fda.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 09:24:44 GMT
server
AmazonS3
age
34471
etag
"a4efe48a36c863351eb0786fe6dd873f"
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
2010
x-amz-cf-id
GgJa12wzfUfgN0oamNFbrYRs_VCnIgl-HQ1iX7T3t03RQlZ9HHz4SQ==
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-662878185&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
7f39b732af0f6e45633254b79890ccb989c3b441dbe87e4847365a6b73d7959b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14870
x-xss-protection
0
server
cafe
etag
5318846328053810925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 May 2022 20:31:21 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/7OBVBCAQE5FHDPFEAD5T4D/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
52074
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Mar 2022 22:40:46 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 06:04:24 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
CkmSWGMgmQ7bzmsu7XQRk6Zuf-_toy6OsMU6-23-_fmTkg5fYPzE3w==

Redirect headers

Date
Thu, 05 May 2022 20:25:43 GMT
Via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
Age
338
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zrpJFMAqnIpC_IfVL1KquaaIRAfbGxJ50NtmVt4loxO9d9ga0E0Wjg==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
46001
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 07:45:47 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
0HNqGkDYP0NJx6QDHDtCSbVbsh1KCfV0egs1a1x2DgVsoPFYiz3Iug==

Redirect headers

Date
Thu, 05 May 2022 20:03:32 GMT
Via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
Age
1668
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
tqJI2CfZITCFnpRBTgswRTN7oi0vLjU0pfounCDjS68XiujCV6J-XQ==
index.js
s.adroll.com/j/pre/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/
4 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/pre/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
94jMoIKrNU3kqcUSs3b8rSU5gmyGOXwY
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
Age
3469
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 e60afe88b840ada9af7b8a328e52a866.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 May 2022 02:07:07 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 19:33:33 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ZPpDZ1pfTyOScdafCx7IxLRyhuRlP5TELnQgXDWVooJMZ0vEEoaSAA==
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&time=1651782681645&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&time=1651782681645&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7120%26time%3D1651782681645%26url%3Dhttps%253A%252F%252Fwww.fortinet.com%252Fblog...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&time=1651782681645&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cookiesTest=true&liSync=...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&time=1651782681645&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cookiesTest=true&liSync...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4&_expected_cookie=5021942f86a5504d0f2891df...
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4&_expected_cookie=5021942f86a5504d0f2891df35b80c78
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
706c3d4389c5a244-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4&_expected_cookie=5021942f86a5504d0f2891df35b80c78
date
Thu, 05 May 2022 20:31:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
706c3d43292ca244-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
utsync.ashx
ml314.com/
644 B
667 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=54820&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pv=1651782681650_jpb98vc2d&bl=en-us&cb=6628155&return=&ht=&d=&dc=&si=1651782681650_jpb98vc2d&cid=&s=1600x1200&rp=&v=2.5.1.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?54
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b17f326f287ba86cbd5f6b51ff31fa8ae48f99e5641fba7b41baeef864bca260

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
expires
0
177020962864941
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/177020962864941?v=2.9.58&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f78ea0370cb1e06521fe954a9a562d7b16ee036ccde8f0e3c463d2042c26d447
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88839
x-xss-protection
0
pragma
public
x-fb-debug
Zai2b9qKfkgWZSEY3sOsRZGcpmv8LX7xv+B4RvA+YzQaq1erfoYAXsYhYTKGbaaK187t2U6Npe0OJjYnCpf34Q==
x-frame-options
DENY
date
Thu, 05 May 2022 20:31:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
analytics.twitter.com/i/
43 B
194 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=b0825ac0-c2c5-4553-aca0-3dbf4e73a1c4&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
7
date
Thu, 05 May 2022 20:31:21 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bfdc47f86ad165b943d86fb41d47d22352dc5173316d1224fddd64504c45c6bc
content-length
43
adsct
analytics.twitter.com/i/
43 B
220 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=ea44730f-0010-453e-8276-b1d65eeef81b&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
7
date
Thu, 05 May 2022 20:31:21 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bfdc47f86ad165b943d86fb41d47d22352dc5173316d1224fddd64504c45c6bc
content-length
43
adsct
analytics.twitter.com/i/
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=860ce80a-79ab-4789-9d97-3e91948f924e&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
6
date
Thu, 05 May 2022 20:31:20 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bfdc47f86ad165b943d86fb41d47d22352dc5173316d1224fddd64504c45c6bc
content-length
43
adsct
t.co/i/
Redirect Chain
  • https://marvel-b1-cdn.bc0a.com/f00000000216283/t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sal...
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000216283&url=https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22page...
  • https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=...
43 B
186 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=b0825ac0-c2c5-4553-aca0-3dbf4e73a1c4&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
8
date
Thu, 05 May 2022 20:31:21 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bbe22c3a0ccd74dad5f628fde49e67fc2f9b23d372fb0134c43547642163c3e0
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
x-content-type-options
nosniff
location
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nxlzj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=b0825ac0-c2c5-4553-aca0-3dbf4e73a1c4&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
0
adsct
t.co/i/
Redirect Chain
  • https://marvel-b1-cdn.bc0a.com/f00000000216283/t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sal...
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000216283&url=https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22page...
  • https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=...
43 B
335 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=ea44730f-0010-453e-8276-b1d65eeef81b&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
5
date
Thu, 05 May 2022 20:31:21 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bbe22c3a0ccd74dad5f628fde49e67fc2f9b23d372fb0134c43547642163c3e0
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
x-content-type-options
nosniff
location
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o6ezf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=ea44730f-0010-453e-8276-b1d65eeef81b&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
0
adsct
t.co/i/
Redirect Chain
  • https://marvel-b1-cdn.bc0a.com/f00000000216283/t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sal...
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000216283&url=https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22page...
  • https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=...
43 B
186 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=860ce80a-79ab-4789-9d97-3e91948f924e&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
Protocol
H2
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
6
date
Thu, 05 May 2022 20:31:21 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bbe22c3a0ccd74dad5f628fde49e67fc2f9b23d372fb0134c43547642163c3e0
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
x-content-type-options
nosniff
location
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o72wb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=860ce80a-79ab-4789-9d97-3e91948f924e&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/?random=1651782681678&cv=9&fst=1651782681678&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
671942e93c63f4b6e27b884fd5eeade9fbd84ac89f059113bb4b7d613bdf0b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1105
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/?random=1651782681681&cv=9&fst=1651782681681&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a1aa4fa8314c9905ab6b15c9768098160f3576f6914af30db687fd087b4f5a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631698094/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631698094/?random=1651782681683&cv=9&fst=1651782681683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d98b22e3f5323e79754562c554021de9fc853ff945eb28c61e3ff9584e6d6512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/?random=1651782681685&cv=9&fst=1651782681685&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db608156abd17e6a6e6f7862b6c225406695c8901ddfbea467903df3e0b1316f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0ulh3gex
analytics.inzynk.io/v/
209 B
479 B
Script
General
Full URL
https://analytics.inzynk.io/v/0ulh3gex?izcid=&iztid=&u=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&t=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs&p=%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&d=www.fortinet.com&r=
Requested by
Host: tags.inzynk.io
URL: https://tags.inzynk.io/0ulh3gex/iztag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.138.210 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-138-210.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
379ddb4cd63e89defe3f76240fd6735e8846202e88dec47a532144428fd5e3b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
server
nginx/1.18.0
content-length
209
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=ISO-8859-1
ibs:dpid=22052&dpuuid=3626996877699317842&redir=
dpm.demdex.net/
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626996877699317842&redir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.15.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-15-16.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0bc907247.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ipuCEY5kQuo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3626996877699317842
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNjk5Njg3NzY5OTMxNzg0MhAAGg0ImejQkwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=aaa8442dd78d408c4c584ab4c04651a96c3a0be9a462db5328a6a6e6e44229e0f4cb09cee1a4f8eb&person_id=3626996877699317842&eid=50082
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=aaa8442dd78d408c4c584ab4c04651a96c3a0be9a462db5328a6a6e6e44229e0f4cb09cee1a4f8eb&person_id=3626996877699317842&eid=50082
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 06 May 2022 16:31:21 GMT

Redirect headers

date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=aaa8442dd78d408c4c584ab4c04651a96c3a0be9a462db5328a6a6e6e44229e0f4cb09cee1a4f8eb&person_id=3626996877699317842&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=
43 B
64 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Fri, 06 May 2022 16:31:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3626996877699317842
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3626996877699317842
  • https://ml314.com/csync.ashx?fp=2a5221d7d3a1fc729d465dc784b55691&eid=50146&person_id=3626996877699317842
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=2a5221d7d3a1fc729d465dc784b55691&eid=50146&person_id=3626996877699317842
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 06 May 2022 16:31:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=2a5221d7d3a1fc729d465dc784b55691&eid=50146&person_id=3626996877699317842
cache-control
no-cache
x-server
10.40.47.122
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2gwAZEvFSVO-JhPGEZcci1v-e34TKaAR1VGv_vgcc_RM&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2gwAZEvFSVO-JhPGEZcci1v-e34TKaAR1VGv_vgcc_RM&person_id=3626996877699317842&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:22 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Thu, 05 May 2022 20:31:21 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Fri, 06 May 2022 16:31:22 GMT
7OBVBCAQE5FHDPFEAD5T4D
d.adroll.com/consent/check/
440 B
909 B
Script
General
Full URL
https://d.adroll.com/consent/check/7OBVBCAQE5FHDPFEAD5T4D?arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&_s=1596c58e105343f814485f6dd4f04592&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.39.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-39-133.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b515880318a6aefaa59e638c1dd018378b55f423b0209eabb008fa795b2a9855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
440
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
/
adservice.google.com/ddm/fls/i/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc... Frame 1831
639 B
930 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Requested by
Host: 10104846.fls.doubleclick.net
URL: https://10104846.fls.doubleclick.net/activityi;dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4861f5bc86609d4c9d1585f0d21f163a13e3f0c26875b5040740ff38173c3bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10104846.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
461
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&rl=&if=false&ts=1651782681774&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651782681772.1740817896&it=1651782681660&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 05 May 2022 20:31:21 GMT
/
www.google.com/pagead/1p-user-list/729495989/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/729495989/?random=1651782681685&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=533154555&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/729495989/
42 B
548 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/729495989/?random=1651782681685&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=533154555&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/662878185/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/662878185/?random=1651782681678&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=2855506096&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/662878185/
42 B
108 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/662878185/?random=1651782681678&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=2855506096&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/631698094/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/631698094/?random=1651782681683&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=2742059450&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/631698094/
42 B
108 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/631698094/?random=1651782681683&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=2742059450&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/609297413/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/609297413/?random=1651782681681&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=3361821326&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/609297413/
42 B
108 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/609297413/?random=1651782681681&cv=9&fst=1651780800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&tiba=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%C2%A0&async=1&fmt=3&is_vtc=1&random=3361821326&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
d.clarity.ms/
0
48 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.fortinet.com
date
Thu, 05 May 2022 20:31:21 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
/
10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc... Frame 00EC
Redirect Chain
  • https://adservice.google.ca/ddm/fls/i/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_...
  • https://10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-t...
335 B
302 B
Document
General
Full URL
https://10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
c6cebb694e1b4a62ee0ddcf1d387ed1b92b755ff2294460f4757498eaff1a749
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
277
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:22 GMT
expires
Thu, 05 May 2022 20:31:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
st
px.mountain.com/
2 KB
1 KB
Script
General
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-767980-1&ga_client_id=1478234246.1651782681&shpt=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-767980-1%22%2C%22ga_client_id%22%3A%221478234246.1651782681%22%2C%22shpt%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%22%2C%22dcm_cid%22%3A%221478234246.1651782681%22%2C%22dcm_gid%22%3A%221402674599.1651782681%22%2C%22ga_gclid%22%3A%221478234246.1651782681%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1478234246.1651782681&dcm_gid=1402674599.1651782681&dxver=4.0.0&shaid=32336&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cb=69845348067201990term%3Dvalue&shadditional=adroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2C
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32336&tdr=&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&cb=69845348067201990term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
506692df9780955119142b5cfc90732f5a8283b25b58ef0b10e50d85f4a20819

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 May 2022 20:31:22 GMT
content-encoding
gzip
connection
close
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
content-type
application/javascript;charset=utf-8
/
p.adsymptotic.com/d/px/ Frame 00EC
Redirect Chain
  • https://px.ads.linkedin.com/collect/?pid=2159050&conversionId=6504418&fmt=gif
  • https://px4.ads.linkedin.com/collect?pid=2159050&conversionId=6504418&fmt=gif&e_ipv6=AQI5tO6AxdW7xgAAAYCV64ZL8enJVv0LbEq0rMRAwBkGvfS_XBdKqY4twua0a6-JesG97RJ-
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
43 B
97 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
Requested by
Host: 10104846.fls.doubleclick.net
URL: https://10104846.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPH8P-ZyfcCFYJBDQodnNUCSQ;src=10104846;type=sitew00;cat=sitew0;u3=https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6040135172190.344;~oref=https://www.fortinet.com/
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://10104846.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
706c3d443ab6a244-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Thu, 05 May 2022 20:31:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 339717DD29B24E73ADCC037DB469A6AD Ref B: YTO01EDGE0821 Ref C: 2022-05-05T20:31:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeSaAFLr0cu2X0/CrQjA==
VGLVDYA6GRASZMUSTHUV5D.js
s.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/
Redirect Chain
  • https://d.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Ft...
  • https://s.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/VGLVDYA6GRASZMUSTHUV5D.js
10 KB
3 KB
Script
General
Full URL
https://s.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/VGLVDYA6GRASZMUSTHUV5D.js
Protocol
HTTP/1.1
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
584017c82dcee118c436214631bfce111e57da608a38631a60c517979f3825bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
QfbZ3AGx4R5f3VRoHZr3du0JfeqNB_sH
Content-Encoding
gzip
Etag
W/"510f881edf6ae0662cd8bdba1679dce3"
Age
3340
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Apr 2022 17:37:24 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 19:38:27 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
yTREMr_WJguqtkyANI8CIC35zCzBnlSuqqJ8SBF4ryfeeBsgRH04TQ==

Redirect headers

date
Thu, 05 May 2022 20:31:22 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*
x-segment-eid
VGLVDYA6GRASZMUSTHUV5D
location
https://s.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/VGLVDYA6GRASZMUSTHUV5D.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
GIVUJ77KRNF4LOPGYJ6RS5
x-segment-name
*
x-advertisable-eid
7OBVBCAQE5FHDPFEAD5T4D
x-conversion-currency
/
www.facebook.com/tr/ Frame 5E2F
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.fortinet.com
Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.fortinet.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 20:31:22 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sendrolling.js
s.adroll.com/j/
9 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pv=7674947706.996771&cookie=&adroll_s_ref=&keyw=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b4fb78c5e5599a29f86d20a29d4f69e3ed0654547b1a595cf038ee0553b58d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id
ZF339xBDqZ1K9SKXIggpL0GW25oAXt0X
Content-Encoding
gzip
Etag
W/"156295addf985cb637d7863ee802fd77"
Age
142
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Apr 2022 15:24:31 GMT
Server
AmazonS3
Date
Thu, 05 May 2022 20:29:01 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
JFK51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
d6nEVRc4a5H_ZjczRwqZRwREj2IKiZbRtEvBFMZTHG5-2eWCs3TSbw==
719861091558308
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/719861091558308?v=2.9.58&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e85d4a7940bb2d2e7e8e144d96e143393410658ebf14f6117ef4c6537b0a3392
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88782
x-xss-protection
0
pragma
public
x-fb-debug
x03ZPTJQ/YCG7piK274XxuavH0atXYmcOQwXm+QOmGwVeIZY8NturK3lV6qCCbPry4tZl+IHFCK3NMOj46o1/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 05 May 2022 20:31:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
px.ads.linkedin.com/collect/
0
0

sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Date
Thu, 05 May 2022 20:31:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mg2nBTQ1z_9gSB3qv61DDg
  • https://d.adroll.com/cm/g/in
42 B
536 B
Image

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&adve...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expiration=1683318682
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expiration=1683318682&C=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expiration=1683318682&C=1
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 May 2022 20:31:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 05 May 2022 20:31:22 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 May 2022 20:31:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expiration=1683318682&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Thu, 05 May 2022 20:31:22 GMT
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://idsync.rlcdn.com/377928.gif?partner_uid=9a0da7053435cfff60481deabfad430e
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ab508d9a76c6dc491d82073b7fbc0a2b077fe24957ddb35e6b951a706ccbecd4791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhYjUwOGQ5YTc2YzZkYzQ5MWQ4MjA3M2I3ZmJjMGEyYjA3N2ZlMjQ5NTdkZGIzNWU2Yjk1MWE3MDZjY2JlY2Q0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhYjUwOGQ5YTc2YzZkYzQ5MWQ4MjA3M2I3ZmJjMGEyYjA3N2ZlMjQ5NTdkZGIzNWU2Yjk1MWE3MDZjY2JlY2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwImujQkwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=6ca57c48-a292-48d4-8605-2778a413ce1a
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=6ca57c48-a292-48d4-8605-2778a413ce1a
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 May 2022 20:31:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=6ca57c48-a292-48d4-8605-2778a413ce1a
date
Thu, 05 May 2022 20:31:22 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expires=365
42 B
797 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expires=365
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&expires=365
pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=9a0da7053435cfff60481deabfad430e&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a0da7053435cfff60481deabfad430e&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a0da7053435cfff60481deabfad430e&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a0da7053435cfff60481deabfad430e&gdpr=0&gdpr_consent=
date
Thu, 05 May 2022 20:31:22 GMT
via
1.1 google
server
OXGW/18.1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&a...
  • https://pixel.advertising.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP53f0614b-ccb2-11ec-b918-02...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP53f0614b-ccb2-11ec-b918-02...
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP53f0614b-ccb2-11ec-b918-022210a54efd&verify=true
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP53f0614b-ccb2-11ec-b918-022210a54efd&verify=true
date
Thu, 05 May 2022 20:31:22 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&a...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
0
477 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Protocol
HTTP/1.1
Server
64.202.112.191 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:22 GMT
Cache-Control
no-cache
X-TraceId
1fc9c5505ec22696ef45d073ecf29532
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
100
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&a...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
590 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&ad...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
0
222 B
Image
General
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17395

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 05 May 2022 20:31:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://ib.adnxs.com/setuid?entity=172&code=OWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Protocol
HTTP/1.1
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 May 2022 20:31:22 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bb7f59ac-ed8e-4d9b-aa53-d9c17f25b8c2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 May 2022 20:31:22 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9f746d7d-b1a2-4ca3-9b22-58d02448f2cf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWEwZGE3MDUzNDM1Y2ZmZjYwNDgxZGVhYmZhZDQzMGU
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=ada68f61838c1e423f5ce86b3e6437b2-1651782682145&arrfrr=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&advertis...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mg2nBTQ1z_9gSB3qv61DDg
  • https://d.adroll.com/cm/g/in
42 B
536 B
Image

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://marvel-b1-cdn.bc0a.com/f00000000216283/px.ads.linkedin.com/collect/?pid=2148604&fmt=gif
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000216283&url=https://px.ads.linkedin.com/collect/?pid=2148604&fmt=gif
  • https://px.ads.linkedin.com/collect/?pid=2148604&fmt=gif
  • https://px4.ads.linkedin.com/collect?pid=2148604&fmt=gif&e_ipv6=AQJEMgKoQMORUAAAAYCV64emq1oU90LkEW0Px7fh4wlqOmcLs-BEBmTJDzLUzjWIbHQyqG1D
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
43 B
97 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
706c3d465d9aa244-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Thu, 05 May 2022 20:31:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D8466F62DA7B4859A6468B593FCEA2A3 Ref B: YTO01EDGE0821 Ref C: 2022-05-05T20:31:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41770aa6-cdb6-4c7b-9cf3-d6bb2c3476a4
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeSaAKkB5dqEUGkYIOfQ==
gs
gs.mountain.com/
144 B
734 B
Script
General
Full URL
https://gs.mountain.com/gs
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4fa8d88798be63d520d69a0614e78fca1f10081d48bb9da9787a1dd513985e06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
10
connection
close
content-type
application/javascript;charset=utf-8
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=719861091558308&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&rl=&if=false&ts=1651782682364&cd[segment_eid]=VGLVDYA6GRASZMUSTHUV5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=29&fbp=fb.1.1651782681772.1740817896&it=1651782681660&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:31:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 05 May 2022 20:31:22 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A21%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:22 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
st
px.mountain.com/
4 KB
2 KB
Script
General
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-767980-1&ga_client_id=1478234246.1651782681&shpt=An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-767980-1%22%2C%22ga_client_id%22%3A%221478234246.1651782681%22%2C%22shpt%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%22%2C%22dcm_cid%22%3A%221478234246.1651782681%22%2C%22dcm_gid%22%3A%221402674599.1651782681%22%2C%22ga_gclid%22%3A%221478234246.1651782681%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1478234246.1651782681&dcm_gid=1402674599.1651782681&dxver=4.0.0&shaid=32336&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&shadditional=adroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2C&cb=1651782682260267&shguid=867e74cf-02cb-37da-bfcb-9f639eeff194&shgts=1651782682640
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7a1648d953e35fda319c79ba88d4142432f0d43082776d0737d41ddeb1350b86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 May 2022 20:31:22 GMT
content-encoding
gzip
connection
close
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
content-type
application/javascript;charset=utf-8
tdsync
px.steelhousemedia.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=53ba35c5-ccb2-11ec-a184-31655845281d&gdpr=&gdpr_consent=
  • https://px.steelhousemedia.com/tdsync?tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&shguid=53ba35c5-ccb2-11ec-a184-31655845281d
0
244 B
Image
General
Full URL
https://px.steelhousemedia.com/tdsync?tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&shguid=53ba35c5-ccb2-11ec-a184-31655845281d
Protocol
HTTP/1.1
Server
44.233.136.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-136-7.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 May 2022 20:31:23 GMT
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://px.steelhousemedia.com/tdsync?tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&shguid=53ba35c5-ccb2-11ec-a184-31655845281d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
277
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=6s0zaeu&ct=0:0bi0elf&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDVlMTZiOWYtOTRhMy00MDk3LWFjOWQtZDlkYzg4YzFmYjMz&gdpr=0&gdpr_consent=&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc8...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&google_gid=CAESEKAlm9n9sVKDcX74Ae8w038&google_cver=1
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5892764131157033391&ttd_tdid=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33
  • https://tags.bluekai.com/site/5386?id=45e16b9f-94a3-4097-ac9d-d9dc88c1fb33&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
70 B
617 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:31:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Date
Thu, 05 May 2022 20:31:23 GMT
Connection
keep-alive
Content-Length
0
BK-Server
8332
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A22%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%223009%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:23 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
collect
d.clarity.ms/
0
48 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.fortinet.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://www.fortinet.com
date
Thu, 05 May 2022 20:31:23 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A23%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224012%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:24 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A24%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%225015%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:25 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A25%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226017%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:26 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=31ec3817894a0000183474629d010000364eba01&session=0684c099-e137-406e-8181-266ab1c609de&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2005%20May%202022%2020%3A31%3A26%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%227019%22%7D&isIframe=false&m=%7B%22description%22%3A%22With%20wiper%20malware%20becoming%20popular%20in%20cyberattacks%2C%20FortiGuard%20Labs%20provides%20a%20deep%20dive%20on%20the%20threat%20technique%20to%20help%20organizations%20understand%20it%20and%20implement%20better%20protections.%20Read%20our%20blog%20about%20wiper%20malware%20including%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22Threat%20Research%2Cmalware%2Cwiper%20malware%22%2C%22title%22%3A%22An%20Overview%20of%20the%20Increasing%20Wiper%20Malware%20Threat%20%7C%20FortiGuard%20Labs%26nbsp%3B%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fthe-increasing-wiper-malware-threat&pageViewId=0ff03d8a-e339-46cd-82ce-eea539c43866&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.100.140.26 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-100-140-26.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:31:27 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect/?pid=2148604&fmt=gif


218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


114 Cookies


Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
