www.fortinet.com
52.52.208.2
Public Scan
Submission: On April 03 via manual from IN
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 22nd 2019. Valid for: 2 years.
This is the only time www.fortinet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN16509 (AMAZON-02, US) | ec2-52-52-208-2.us-west-1.compute.amazonaws.com | www.fortinet.com
ASN16625 (AKAMAI-AS, US) | a23-210-248-45.deploy.static.akamaitechnologies.com | assets.adobedtm.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN16509 (AMAZON-02, US) | ec2-52-30-105-51.eu-west-1.compute.amazonaws.com | dpm.demdex.net
ASN16625 (AKAMAI-AS, US) | a23-210-248-44.deploy.static.akamaitechnologies.com | s7.addthis.com, v1.addthisedge.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN16625 (AKAMAI-AS, US) | a23-210-250-213.deploy.static.akamaitechnologies.com | z.moatads.com
ASN16509 (AMAZON-02, US) | ec2-52-30-201-43.eu-west-1.compute.amazonaws.com | fortinet.demdex.net
ASN16509 (AMAZON-02, US) | ec2-35-181-91-36.eu-west-3.compute.amazonaws.com | metrics.fortinet.com
ASN16625 (AKAMAI-AS, US) | a95-100-196-159.deploy.static.akamaitechnologies.com | s.adroll.com
ASN16509 (AMAZON-02, US) | ec2-34-253-11-118.eu-west-1.compute.amazonaws.com | d.adroll.mgr.consensu.org, d.adroll.com
ASN14618 (AMAZON-AES, US) | ec2-50-19-60-226.compute-1.amazonaws.com | api.omappapi.com
ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com | optin-monster.s3.amazonaws.com
# | Domain | Requested by | Redirects
---|---|---|---
10 | www.fortinet.com | www.fortinet.com |
6 | assets.adobedtm.com | www.fortinet.com, assets.adobedtm.com |
5 | s.adroll.com | www.googletagmanager.com, www.fortinet.com, s.adroll.com | 1 redirect
4 | dpm.demdex.net | www.fortinet.com | 1 redirect
2 | www.facebook.com | | 1 redirect
2 | connect.facebook.net | www.fortinet.com, connect.facebook.net |
2 | optin-monster.s3.amazonaws.com | a.optmnstr.com |
2 | api.omappapi.com | a.optmnstr.com |
2 | d.adroll.com | www.fortinet.com |
2 | px.ads.linkedin.com | www.fortinet.com | 1 redirect
2 | snap.licdn.com | www.googletagmanager.com, www.fortinet.com |
2 | metrics.fortinet.com | assets.adobedtm.com, www.fortinet.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.fortinet.com |
2 | s7.addthis.com | assets.adobedtm.com, s7.addthis.com |
1 | cx.atdmt.com | |
1 | t.co | |
1 | analytics.twitter.com | static.ads-twitter.com |
1 | static.ads-twitter.com | www.fortinet.com |
1 | cdnjs.cloudflare.com | a.optmnstr.com |
1 | ajax.googleapis.com | a.optmnstr.com |
1 | d.adroll.mgr.consensu.org | | 1 redirect
1 | www.linkedin.com | | 1 redirect
1 | a.optmnstr.com | www.googletagmanager.com |
1 | v1.addthisedge.com | s7.addthis.com |
1 | cm.everesttech.net | | 1 redirect
1 | fortinet.demdex.net | assets.adobedtm.com |
1 | z.moatads.com | s7.addthis.com |
1 | www.googletagmanager.com | www.fortinet.com |
Total: 52 requests across 28 domains.
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.fortinet.com | DigiCert SHA2 High Assurance Server CA | 2019-01-22 - 2021-03-31 | 2 years
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2020-09-04 | a year
moatads.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2021-03-17 | a year
metrics.fortinet.com | DigiCert SHA2 High Assurance Server CA | 2019-01-29 - 2021-02-02 | 2 years
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.optmnstr.com | Go Daddy Secure Certificate Authority - G2 | 2018-07-10 - 2020-07-10 | 2 years
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2020-09-04 | 6 months
adroll.mgr.consensu.org | Amazon | 2019-11-06 - 2020-12-06 | a year
*.omappapi.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-16 - 2022-03-16 | 2 years
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-08-14 - 2020-08-18 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-03-01 - 2020-05-30 | 3 months
*.twitter.com | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year
t.co | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2020-06-03 | 3 months
This page contains 2 frames:
Primary Page:
https://www.fortinet.com/blog/threat-research/latest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html?utm_source=social&utm_medium=twitter-org&utm_campaign=sprinklr
Frame ID: 55B626AD1A8776A32DA5E2378FC4BB30
Requests: 54 HTTP requests in this frame
Frame:
https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: 9C938319CB53173D72AEA9FE6001EC84
Requests: 1 HTTP request in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
AdRoll (Advertising Networks)
Detected patterns
- script /(?:a|s)\.adroll\.com/i
Adobe DTM (Tag Managers)
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: FortiGuard Labs
Title: FortiGuard Labs
Title: FortiClient
Title: cyberthreatalliance.org
Title: sign up
Title: Security Rating Service
Title: (no title)
Title: (no title)
Title: (no title)
Title: (no title)
Title: (no title)
Title: Threat Briefs
Title: Fuse
Title: Free cookie consent by cookie-script.com
Title: AddThis
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1585902244149 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1585902244149
- https://cm.everesttech.net/cm/dd?d_uuid=66958654134655583333464077980969173210 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XobypAAAAxmf7lL0
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%3Futm_source%3Dsocial%26utm_medium%3Dtwitter-org%26utm_campaign%3Dsprinklr&time=1585902244583 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7120%26url%3Dhttps%253A%252F%252Fwww.fortinet.com%252Fblog%252Fthreat-research%252Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%253Futm_source%253Dsocial%2526utm_medium%253Dtwitter-org%2526utm_campaign%253Dsprinklr%26time%3D1585902244583%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%3Futm_source%3Dsocial%26utm_medium%3Dtwitter-org%26utm_campaign%3Dsprinklr&time=1585902244583&liSync=true
- https://s.adroll.com/j/exp/7OBVBCAQE5FHDPFEAD5T4D/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/7OBVBCAQE5FHDPFEAD5T4D?_s=7c718e011393fd158fa1ccfd15290aa9&_b=2 HTTP 302
- https://d.adroll.com/consent/check/7OBVBCAQE5FHDPFEAD5T4D/?_s=7c718e011393fd158fa1ccfd15290aa9&_b=2
- https://www.facebook.com/tr/?id=559328277756725&ev=Microdata&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%3Futm_source%3Dsocial%26utm_medium%3Dtwitter-org%26utm_campaign%3Dsprinklr&rl=&if=false&ts=1585902245913&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Latest%20Global%20COVID-19%2FCoronavirus%20Spearphishing%20Campaign%20Drops%20Infostealer%20%22%2C%22meta%3Akeywords%22%3A%22threat%20research%2CThreat%20Research%2CCOVID-19%20%2CCybersecurity%20Architect%22%2C%22meta%3Adescription%22%3A%22FortiGuard%20Labs%20recently%20discovered%20a%20new%20COVID-19%2FCoronavirus-themed%20spearphishing%20scam.%20Learn%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Fortinet%20Blog%22%2C%22og%3Atitle%22%3A%22Latest%20Global%20COVID-19%2FCoronavirus%20Spearphishing%20Campaign%20Drops%20Infostealer%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22FortiGuard%20Labs%20recently%20discovered%20a%20new%20COVID-19%2FCoronavirus-themed%20spearphishing%20scam.%20Learn%20more.%E2%80%A6%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.fortinet.com%2Fcontent%2Fdam%2Ffortinet-blog%2Farticle-images%2Fcovid-infostealer-val-blog%2FPicture5.png%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite%22%3A%22%40Fortinet%22%2C%22article%3Aauthor%22%3A%22Val%20Saengphaibul%20%22%2C%22article%3Asection%22%3A%22Threat%20Research%22%2C%22article%3Apublished_time%22%3A%222020-04-02T00%3A00%3A00.000-07%3A00%22%2C%22article%3Atag%22%3A%22Cybersecurity%20Architect%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585902245404.1896703915&it=1585902245375&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=18216455641676499954&f=AYyanibAXHEM1daGTByaU2mZMHL_uxpEXyjwvHA991sq1rzdFV_oSpF-LOTzKeFQrcr8xJBvh6AXG2zl3DfUfHzI&id=559328277756725&l=3&v=0
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | latest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html | www.fortinet.com/blog/threat-research/ | 36 KB | 14 KB | Document | text/html | Primary Request, Cookie set
GET | H/1.1 | clientlib-base.min.css | www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ | 212 KB | 26 KB | Stylesheet | text/css |
GET | H2 | launch-EN23cb8375449840dc93b13f34d935b8b9.min.js | assets.adobedtm.com/ | 203 KB | 52 KB | Script | application/x-javascript |
GET | H/1.1 | fortinet-logo-white.svg | www.fortinet.com/content/dam/fortinet-blog/ | 32 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | clientlib-base.min.js | www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ | 165 KB | 75 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 101 KB | 35 KB | Script | application/javascript |
GET | DATA | truncated | / | 71 B | 0 | Image | image/png |
GET | H/1.1 | rd | dpm.demdex.net/id/ | 0 | -1 B | XHR | | Redirect Chain
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ | 36 KB | 13 KB | Script | application/x-javascript |
GET | H2 | addthis_widget.js | s7.addthis.com/js/300/ | 349 KB | 113 KB | Script | application/javascript |
GET | H/1.1 | Picture5.png | www.fortinet.com/content/dam/fortinet-blog/article-images/covid-infostealer-val-blog/ | 105 KB | 106 KB | Image | image/png |
GET | H/1.1 | Picture6.png.thumb.319.319.png | www.fortinet.com/content/dam/fortinet-blog/article-images/coronavirus-media-frenzy-blog/ | 39 KB | 39 KB | Image | image/png |
GET | H/1.1 | social-engineering-covid-img.png.thumb.319.319.png | www.fortinet.com/content/dam/fortinet-blog/article-images/social-engineering-covid/ | 39 KB | 39 KB | Image | image/png |
GET | H/1.1 | microsoft-vuln-three.png.thumb.319.319.png | www.fortinet.com/content/dam/fortinet-blog/article-images/bluekeep-vulnerability/ | 20 KB | 21 KB | Image | image/png |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif |
GET | H2 | moatframe.js | z.moatads.com/addthismoatframe568911941483/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H/1.1 | rd | dpm.demdex.net/id/ | 367 B | 1 KB | XHR | application/json |
GET | H/1.1 | dest5.html | fortinet.demdex.net/ | 0 | 0 | Document | text/html | Cookie set, Frame 9C93
GET | H2 | id | metrics.fortinet.com/ | 48 B | 485 B | XHR | application/x-javascript |
GET | H/1.1 | ibs:dpid=411&dpuuid=XobypAAAAxmf7lL0 | dpm.demdex.net/ | 42 B | 915 B | Image | image/gif | Redirect Chain
GET | H2 | s2106779255996 | metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.20.0-LAR3/ | 43 B | 627 B | Image | image/gif |
GET | H2 | RCb652faf409a54c3db318899e2cbcc95c-source.min.js | assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/3eb016d0743a/ | 881 B | 697 B | Script | application/x-javascript |
GET | H2 | _ate.track.config_resp | v1.addthisedge.com/live/boost/ra-5d48adfc650f1a9e/ | 2 KB | 756 B | Script | application/javascript |
GET | H/1.1 | picture1.png | www.fortinet.com/blog/threat-research/latest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer/_jcr_content/root/responsivegrid/image_654800395.img.png/1585847269348/ | 177 KB | 178 KB | Image | image/png |
GET | H/1.1 | picture2.png | www.fortinet.com/blog/threat-research/latest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer/_jcr_content/root/responsivegrid/image_595397333.img.png/1585847652032/ | 159 KB | 160 KB | Image | image/png |
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 34 KB | 11 KB | Script | text/javascript |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | api.min.js | a.optmnstr.com/app/js/ | 198 KB | 59 KB | Script | application/javascript |
GET | H2 | collect | px.ads.linkedin.com/ | 0 | 63 B | Image | application/javascript | Redirect Chain
GET | H/1.1 | index.js | s.adroll.com/j/exp/ | 28 B | 747 B | Script | application/javascript | Redirect Chain
GET | H/1.1 | index.js | s.adroll.com/j/pre/7OBVBCAQE5FHDPFEAD5T4D/GIVUJ77KRNF4LOPGYJ6RS5/ | 1 KB | 1 KB | Script | text/javascript |
GET | H2 | / | d.adroll.com/consent/check/7OBVBCAQE5FHDPFEAD5T4D/ | 106 B | 198 B | Script | application/javascript | Redirect Chain
GET | H2 | layers.ab5cd98fe1b9a38a4a9f.js | s7.addthis.com/static/ | 263 KB | 76 KB | Script | application/javascript |
GET | H2 | 39852 | api.omappapi.com/v2/embed/ | 637 KB | 57 KB | XHR | application/json |
GET | H/1.1 | consent.js | s.adroll.com/j/ | 243 KB | 33 KB | Script | application/javascript |
GET | H2 | hod | d.adroll.com/consent/ | 42 B | 180 B | Image | image/gif |
GET | H2 | RC4a2e638109b443d5b84d8f2e2216b80e-source.min.js | assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/3eb016d0743a/ | 819 B | 746 B | Script | application/x-javascript |
GET | H2 | RC0b6c219cefad47a7856f990eee551ad6-source.min.js | assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/3eb016d0743a/ | 847 B | 721 B | Script | application/x-javascript |
GET | H2 | RC4da2046cb6a74ff89eee84fdeadc51af-source.min.js | assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/3eb016d0743a/ | 1005 B | 834 B | Script | application/x-javascript |
GET | H2 | / | api.omappapi.com/v2/geolocate/json/ | 242 B | 555 B | XHR | application/json |
GET | H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1.5.18/ | 16 KB | 6 KB | Script | text/javascript |
GET | H2 | mobile-detect.min.js | cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.3/ | 38 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | bf9b60c3e96b1585247218-threat-report-banner.jpg | optin-monster.s3.amazonaws.com/users/df0603609574/images/ | 35 KB | 36 KB | Image | image/jpeg |
GET | H2 | uwt.js | static.ads-twitter.com/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 443 B | 0 | Image | image/png |
GET | H2 | 559328277756725 | connect.facebook.net/signals/config/ | 447 KB | 112 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 249 B | Image | image/gif |
GET | H2 | adsct | analytics.twitter.com/i/ | 31 B | 651 B | Script | application/javascript |
GET | H2 | adsct | t.co/i/ | 43 B | 448 B | Image | image/gif |
GET | H2 | / | cx.atdmt.com/ | 42 B | 433 B | Image | image/gif | Redirect Chain
GET | H/1.1 | bf9b60c3e96b1585247218-threat-report-banner.jpg | optin-monster.s3.amazonaws.com/users/df0603609574/images/ | 35 KB | 36 KB | Image | image/jpeg |
Verdicts & Comments
167 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
onformdata (object), onpointerrawupdate (object), dataLayer (object), _satellite (object), __satelliteLoaded (boolean), adobe (object), Visitor (function), s_c_il (object), s_c_in (number), AppMeasurement_Module_ActivityMap (function), AppMeasurement (function), s_gi (function), s_pgicq (function), s_objectID (number), s_giq (number), t (object), postscribe (function), google_tag_manager (object), GoogleAnalyticsObject (string), ga (function), google_tag_data (object), gaplugins (object), gaGlobal (object), gaData (object), atwpjp (function), _atd (string), _euc (function), _duc (function), _atc (object), _atr (string), addthis (object), addthis_pub (string), emdot (function), _ate (object), _adr (object), addthis_conf (object), addthis_open (function), addthis_close (function), addthis_sendto (function), __@@##MUH (boolean), s_i_fortinetincproduction (object), fortinet_blog (object), EasyAutocomplete (object), search_config (object), keywords (object), siteId (object), lang (object), options (object), searchFired (boolean), blogFilter (boolean), documentsQuery (string), blogCategories (string), authorsList (string), yearsList (string), lastQuery (object), totalReturn (number), lastRow (number), lastWordsForCounting (object), htmlEncode (function), hideAutoComplete (function), sitesearch_init (function), sitesearch_search_callback (function), sitesearch_countall_callback (function), sitesearch_do_search (function), sitesearch_do_force_search (function), sitesearch_spellcheck_callback (function), sitesearch_do_spellcheck (function), sitesearch_do_suggest_search (function), sitesearch_query_searchresult_callback (function), sitesearch_do_query_searchresult (function), sitesearch_click_page_callback (function), sitesearch_click_page (function), search_action (function), sitesearch_search_fortiguard (function), count_facets_type (function), shuffle_facets (function), csCookies (function), cookieScriptWindow (object), cookieScripts (object), cookieScriptSrc (string), cookieQuery (function), cookieScriptPosition (string), cookieScriptSource (string), cookieScriptDomain (string), cookieScriptReadMore (string), cookieId (string), cookieScriptDebug (number),
cookieScriptShowBadge (boolean), cookieScriptCurrentUrl (string), pagePath (string), cookieScriptTitle (string), cookieScriptDesc (string), cookieScriptAccept (string), cookieScriptMore (string), cookieScriptCopyrights (string), cookieBackground (string), setImmediate (function), clearImmediate (function), $ (function), jQuery (function), Cookies (undefined), cookieScriptReject (string), cookieScriptLoadJavaScript (function), InjectCookieScript (function), cookieScriptStatsDomain (string), cookieScriptCreateCookie (function), cookieScriptReadCookie (function), addthis_config (object), addthis_share (object), cookieScriptAddBox (function), cookieScriptCurrentValue (object), adroll_adv_id (string), adroll_pix_id (string), __adroll_loaded (boolean), _linkedin_data_partner_id (string), lintrk (function), _already_called_lintrk (boolean), adroll_sid (string), __adroll (object), adroll_optout (boolean), adroll_ext_network (object), adroll_callbacks (object), adroll_tpc_callback (function), OptinMonsterApp (function), om_loaded (boolean), om45602_39852 (object), _atw (object), __cmp (function), __adroll_consent (object), __adroll_consent_is_gdpr (boolean), __adroll_consent_data (object), __adroll_consent_user_country (string), __adroll_consent_adv_country (string), adroll_exp_list (object), $jscomp (object), BANNER_VERSION (string), __adroll_consent_banner (object), _omapp (object), omblgmacolv1mmou3zu41z (object), omqbkzwxxbiv83f0ol5a2d (object), omtd4yyupw30z3kaz7uhys (object), omxpwpvp06n9shcggft6kf (object), omjrdemyevn0aa7npndpl7 (object), omjlpvlm0gfulpof6n5te9 (object), omfv7axwkwnyj0mt6xt5zf (object), omudg10nsmuro4wpv1uww8 (object), omkacivmzbl2alucz7gccw (object), omzum0cmob2jjkj0przyzd (object), ompe1mb0dpaygltuhp5k4t (object), ombs6hw8oho0l8z5lmhzmv (object), omqxx1b0gslklfu2kjckea (object), omtaoi2gud8wo2ip9kbnpv (object), addthis_exclude (string), addthis_use_personalization (boolean), addthis_options_default (string), addthis_options_rank (string), addthis_options (string), __callbacks (object), twq (function), fbq (function), _fbq (function), len (number), WebFont (object),
MobileDetect (function), twttr (object), fbAsyncInit (function), _omns15 (object)
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
www.fortinet.com/ | | _omappvp | ReSQPn1ib0oibaFV6IzeD0XKMrvdvbu16dggpisnSGgKAGcsZxvY6W1fKRGsRkZ2eZKzrQ2PR57kqehKBnsTEz9320QX6r4B
.fortinet.com/ | | AMCV_ED8739F75677FE917F000101%40AdobeOrg | -432600572%7CMCIDTS%7C18356%7CMCMID%7C66592361820257271573500636705944871250%7CMCAAMLH-1586507044%7C6%7CMCAAMB-1586507044%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1585909444s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18363%7CvVersion%7C4.5.2
www.fortinet.com/ | | __atuvc | 1%7C14
.fortinet.com/ | | s_cc | true
.fortinet.com/ | | s_ecid | MCMID%7C66592361820257271573500636705944871250
.fortinet.com/ | | gpv_pn | www.fortinet.com%2Fblog%2Fthreat-research%2Flatest-global-covid-19-coronavirus-spearphishing-campaign-drops-infostealer.html%3Futm_source%3Dsocial%26utm_medium%3Dtwitter-org%26utm_campaign%3Dsprinklr
.fortinet.com/ | | s_getNewRepeat | 1585902244483-New
www.fortinet.com/ | | _omappvs | 1585902244683
www.fortinet.com/ | | cookiesession1 | 594BFB5FENNGJT2FD9CBL4QJTGLQ0B20
.fortinet.com/ | | _gid | GA1.2.194922502.1585902244
.fortinet.com/ | | _gat_UA-767980-6 | 1
.demdex.net/ | | demdex | 66958654134655583333464077980969173210
.fortinet.com/ | | _ga | GA1.2.1165062768.1585902244
www.fortinet.com/ | | __atuvs | 5e86f2a411a5a290000
.fortinet.com/ | | AMCVS_ED8739F75677FE917F000101%40AdobeOrg | 1
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.optmnstr.com
ajax.googleapis.com
analytics.twitter.com
api.omappapi.com
assets.adobedtm.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
cx.atdmt.com
d.adroll.com
d.adroll.mgr.consensu.org
dpm.demdex.net
fortinet.demdex.net
metrics.fortinet.com
optin-monster.s3.amazonaws.com
px.ads.linkedin.com
s.adroll.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
t.co
v1.addthisedge.com
www.facebook.com
www.fortinet.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
104.244.42.197
104.244.42.67
151.101.112.157
23.111.9.217
23.210.248.44
23.210.248.45
23.210.250.213
2606:4700::6811:4004
2a00:1450:4001:800::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::200e
2a02:26f0:10c:39e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.253.11.118
35.181.91.36
50.19.60.226
52.216.139.139
52.30.105.51
52.30.201.43
52.52.208.2
66.117.28.86
95.100.196.159