What (sub)domains are used by AIR?
AIR (sub)domains
UPDATE
This domain is used by AIR Server instances to check if there is any new version to update.
LICENSE
This domain is used by AIR Server instances to check the licence information
TIMESTAMP
This domain is used by AIR Server for RFC 3161 features which requires integration with a timestamp server.
UPDATE
This domain is used by AIR Server instances to update artefacts like MITRE Attack Rules , docker compose files, update scripts, offline installer packages.
FIS USAGE STATS
FEATURE FLAGS
USAGE ANALYTICS
This domain is used by AIR Server instances to
Collect case activity & Organization ID metrics for FIS License charges/billing.
Feature flag service to enable/disable features on AIR.
Analytics to analyse usage statistics.
UPDATE
This domain is a container registry for AIR Server instances to update server components like the application server images, database images, caching server images etc.
A note on Cloud Infrastructure
All of the web services and API backends listed above are hosted on Microsoft Azure preferably in East/West US Datacenters and protected by Cloudflare.
What data is sent or received by Binalyze domains
Domain
Data Sent To Domain
Data Received From Domain
N/A
Version Information
License Key
License Status Details
RFC-3161 Timestamp Token
N/A
Packages
FIS USAGE STATS:
OrganizationID’s, Case Id, License Key, CaseEventType, CaseEventTime, endpoint Id, Task Id
i.e.: "logId": 764149386100000, "type": "endpointTaskAddedToCaseEvent", "publishedDate": "2022-06-03T10:22:18.610Z", "data": { "caseId": "C-2022-0028", "endpointId": "2b2ea7b0-be61-445c-b735-ac1a9a39e448", "taskAssignmentId": "2b1d5b2c-72ac-4828-9a82-b3510ce9fd5a" }, "license": "LICENSE-KEY"
FEATURE FLAGS: License Key
FEATURE FLAGS: Feature flag states
USAGE ANALYTICS: N/A
N/A
Binary Packages
Last updated