www.fortinet.com Open in urlscan Pro
2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Submission: On October 14 via api (October 14th 2024, 7:41:06 am UTC) from IN — Scanned from DE

Summary HTTP 87 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 87 HTTP transactions. The main IP is 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.fortinet.com. The Cisco Umbrella rank of the primary domain is 120260.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.

This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
67	2a05:d014:f3c... 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:480... 2a02:26f0:480:9b4::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.53.43.58 23.53.43.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.31.162.222 52.31.162.222	16509 (AMAZON-02) (AMAZON-02)
1 2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100::210:180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.83.231.3 99.83.231.3	16509 (AMAZON-02) (AMAZON-02)
87	10

67 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:9b4::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.43.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-58.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.162.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-162-222.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

metrics.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.231.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: afe865822f884bb48.awsglobalaccelerator.com

eps.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	fortinet.com 1 redirects www.fortinet.com — Cisco Umbrella Rank: 120260 metrics.fortinet.com — Cisco Umbrella Rank: 303802	5 MB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	139 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	127 KB
5	6sc.co j.6sc.co — Cisco Umbrella Rank: 5626 c.6sc.co — Cisco Umbrella Rank: 6951 ipv6.6sc.co — Cisco Umbrella Rank: 5794 eps.6sc.co — Cisco Umbrella Rank: 11869	20 KB
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243	542 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	303 B
87	6

	Domain	Requested by
67	www.fortinet.com	www.fortinet.com
6	assets.adobedtm.com	cdn.cookielaw.org assets.adobedtm.com
6	cdn.cookielaw.org	www.fortinet.com cdn.cookielaw.org
2	eps.6sc.co	j.6sc.co
2	metrics.fortinet.com	1 redirects www.fortinet.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	dpm.demdex.net	assets.adobedtm.com
1	j.6sc.co	www.fortinet.com
1	geolocation.onetrust.com	cdn.cookielaw.org
87	10

This site contains links to these domains. Also see Links.

Domain
forums.ivanti.com
www.horizon3.ai
www.cisa.gov
www.rapid7.com
www.fortiguard.com
www.linkedin.com
www.x.com
www.youtube.com
www.instagram.com
www.facebook.com
fortiguard.com
community.fortinet.com
investor.fortinet.com
onetrust.com

Subject Issuer	Validity	Valid
*.fortinet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2025-07-15`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
6sc.co R10	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
eps.6sc.co Amazon RSA 2048 M02	`2024-08-29` - `2025-09-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Frame ID: 242B5027B2878119CD79F405ECDB34A9
Requests: 88 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA | FortiGuard Labs

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/
/etc\.clientlibs/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

87
Requests

99 %
HTTPS

56 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

5387 kB
Transfer

7269 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=de
Title: CVE-2024-8190

Search URL Search Domain Scan URL

URL: https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/
Title: the details

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
Title: here

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/blog/post/2024/01/11/etr-zero-day-exploitation-of-ivanti-connect-secure-and-policy-secure-gateways/
Title: here

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/threat-signal-report/5556
Title: https://www.fortiguard.com/threat-signal-report/5556

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/encyclopedia/ips/56651
Title: https://www.fortiguard.com/encyclopedia/ips/56651

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fortinet

Search URL Search Domain Scan URL

URL: https://www.x.com/Fortinet

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJHo4AuVomwMRzgkA5DQEOA?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fortinet/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fortinet

Search URL Search Domain Scan URL

URL: https://fortiguard.com/
Title: FortiGuard Labs

Search URL Search Domain Scan URL

URL: https://community.fortinet.com/
Title: Fortinet Community

Search URL Search Domain Scan URL

URL: https://investor.fortinet.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fid=2D845914EE927843-360FDE4640711ADB&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&pccr=true&vidn=33866586C3BC9AB6-600005CC80A090A8&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fid=2D845914EE927843-360FDE4640711ADB&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa Show response
www.fortinet.com/blog/threat-research/ 133 KB
31 KB 30ms
16ms Document
text/html 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8e541dcf6b3eed0334c0309003af2e1851e7cf4d2d881b2f6d79819287fe15e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 223476
Cache-Control: max-age=600, public, s-maxage=10800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 30532
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Type: text/html;charset=utf-8
Date: Mon, 14 Oct 2024 07:39:41 GMT
ETag: "213f6-62436ed025377-gzip"
Last-Modified: Fri, 11 Oct 2024 17:36:23 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
X-Amz-Cf-Id: DD0AqbKckPhH-9l_R4aN2Ic3X0NmYmGo9m5f4oYcxASyvW3cY0DC8g==
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-Dispatcher: dispatcher2uswest1-28559771
X-Frame-Options: SAMEORIGIN
X-Vhost: publish
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK visitorapi.min.js Show response
www.fortinet.com/etc/designs/fortinet/adb-target/ 64 KB
30 KB 64ms
35ms Script
application/javascript 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "fe2d-6117284c96900-gzip"
Age: 217805
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: XqtV4YKC7z7CyWjjPXXZ5bFTmAiyFOx3vb4bzg0O4ZZoaF6SmKqgQg==
Date: Fri, 11 Oct 2024 19:10:55 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Thu, 15 Feb 2024 21:43:32 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 29532
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK at.js Show response
www.fortinet.com/etc/designs/fortinet/adb-target/ 104 KB
48 KB 66ms
34ms Script
application/javascript 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "19e83-61431fc4b24c0-gzip"
Age: 212168
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: PXbNC4PUZ1c3SPLKSCRIw1OjqnQY0W3ES6_IpNzAQom9NI934mE2eg==
Date: Fri, 11 Oct 2024 20:44:52 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Thu, 21 Mar 2024 20:59:39 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 47782
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK clientlib-base.min.900b148ab7b87024003111a1245cca9c.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 540 KB
28 KB 107ms
102ms Stylesheet
text/css 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

94633716497a85d800b6e573953942c4cfe483c0dbd68fa97fd01dd97ced5d66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "86e1b-61b58998583c0-gzip"
Age: 901804
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: PUa0n4ZJjeoGzQeUvGiQk_c9-dJQ068LUChpgS1rrJ84iGsW-oCxlQ==
Date: Mon, 14 Oct 2024 07:37:29 GMT
Content-Type: text/css;charset=utf-8
Last-Modified: Thu, 20 Jun 2024 21:00:07 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 27478
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 42ms
20ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEA64C3FD6111
x-ms-lease-status: unlocked
age: 16003
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 07:41:00 GMT
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/javascript
last-modified: Sat, 12 Oct 2024 02:22:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ef59518d-e01e-00e8-13ab-1c6e71000000
cf-ray: 8d25ecae2f35bb49-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ 32 KB
3 KB 92ms
53ms Image
image/svg+xml 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "7ebb-565d53a1d6e40-gzip"
Age: 36095978
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ij1g5NynXEJLcdQL1G5J6EyJdUa5xvUCVEFWTrXgZBQ3Ltjp4hBDsQ==
Date: Mon, 14 Oct 2024 07:39:08 GMT
Content-Type: image/svg+xml
Content-Disposition: attachment; filename="fortinet-logo-white.svg"
Vary: Accept-Encoding
Last-Modified: Thu, 22 Feb 2018 23:16:01 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1998
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK toc-icon.jpg
www.fortinet.com/content/dam/fortinet/images/ 1 KB
3 KB 92ms
51ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet/images/toc-icon.jpg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "4fd-60a2031eb4f40"
Age: 28908396
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: qmP3eGwuHLG0pd31gyERwovS2TFIF0LxNfF4MuEKthT21oeUWyLGrA==
Date: Mon, 14 Oct 2024 07:35:25 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 14 Nov 2023 17:34:13 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1277
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js Show response
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 160 KB
74 KB 12ms
12ms Script
application/javascript 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "28100-61cff033f9240-gzip"
Age: 161629
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: TT86kX58XefKzMicCCnzB7RhhEt2yZcYr4NrUWGkkfgL9IS9TjATNg==
Date: Sat, 12 Oct 2024 10:47:11 GMT
Content-Type: application/javascript;charset=utf-8
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2024 20:57:37 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 74768
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H2 200 f85f39fc-d7aa-467a-b762-fbb722748016.json Show response
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/ 5 KB
2 KB 37ms
23ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/f85f39fc-d7aa-467a-b762-fbb722748016.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8998282f5a80fff5eaafdbd457dd7a81af0cd7c8696bfe032a6aeef8fe67f99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: Uj3iBUKm1Vl2g2NHq67V+w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC07DF23DF5130
age: 4531
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 15 Oct 2024 07:41:00 GMT
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/json
last-modified: Thu, 28 Dec 2023 19:56:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: c21183be-301e-00a5-5054-cda893000000
cf-ray: 8d25ecaed936dc68-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1792
x-ms-blob-type: BlockBlob
server: cloudflare

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ivanti-hero.jpg
www.fortinet.com/content/dam/fortinet-blog/article-heros/ 220 KB
222 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-heros/ivanti-hero.jpg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

18041a7dd2be9d4ba5469edca86d5bd763e3bdcae7a83c5559c618bf4be83f0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "3715e-6242cd5d60d40"
Age: 223437
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: nbUbG-rs7l2yyTbRsqQQM220MxmUfgrSIrQHprxk9AeKB319kDWlxQ==
Date: Fri, 11 Oct 2024 17:43:12 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:34:05 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 225630
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK siemens-vuln-discovery-center-thumb.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/ 146 KB
147 KB 46ms
45ms Image
image/png 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/siemens-vuln-discovery-center-thumb.jpg.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b3f4fd3661f04c2c6374215073e85cb8c5c938ee783677f40e85151989c39d97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "24631-5e417b82eaa40"
Age: 36092927
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xAGOt0oOBew5-VfCnPs8pBYHwqiN_26mwR124DuNo9fAv8pWgd7BIA==
Date: Mon, 14 Oct 2024 07:39:42 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Jul 2022 17:30:09 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 149041
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ransomware-roundup-thumb.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/ 142 KB
144 KB 11ms
10ms Image
image/png 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/ransomware-roundup-thumb.jpg.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

727d19bf895438013bb188825e546dd6e61f80c2a4ea8e7b6e978b96bab546f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "23995-5e41c8188d9c0"
Age: 36094865
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: BPUmvlvoerPRwt3MvtEoD_nV6Khg2ZRC28-sWI81H0qpb2QjgOhFsw==
Date: Mon, 14 Oct 2024 07:37:31 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Jul 2022 23:12:47 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 145813
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK MOVEIT-THUMB.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/ 124 KB
126 KB 19ms
19ms Image
image/png 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-images/MOVEIT-THUMB.jpg.thumb.319.319.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

443f47f0ae01cec5b4bc117dffb451485e147a54865efa7c820320e68cb55909

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1f0d8-5fd8fff10e040"
Age: 36094915
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 49b7qvZKSGC_fge58CX--sH6SJYeTz-phLqWno94bMCrSBfcFe-ucg==
Date: Mon, 14 Oct 2024 07:37:31 GMT
Content-Type: image/png
Last-Modified: Wed, 07 Jun 2023 20:29:45 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 127192
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
www.fortinet.com/etc/designs/fortinet/gfonts/ 37 KB
38 KB 15ms
15ms Font
application/octet-stream 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/gfonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.fortinet.com
Referer: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css

Response headers

X-Vhost: publish
ETag: "9354-5df4fa74ff980"
Age: 895772
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: MiWEDVEiMHwfTZZDQwdGfYFxScwr9Otn8powlf4fxTaPBHoYpWsx8Q==
Date: Fri, 04 Oct 2024 00:13:22 GMT
Content-Type: application/octet-stream
Last-Modified: Wed, 18 May 2022 21:08:06 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=2000000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 37716
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 52ms
29ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.fortinet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d25ecaf6e9c6ae0-FRA
access-control-allow-origin: *
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK ivanti-web-request-client-index.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1728620161388/ 46 KB
47 KB 16ms
14ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1728620161388/ivanti-web-request-client-index.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

26b37b2982358112ad578340484a7de6274a19db3fb6ea13f0b4e2d89e35f566

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "b76f-6242bbea5e240"
Age: 223435
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: motFYEjegcIs8Qe0iLKlaIxMPs31jMUyonx2Gj0wlMT3uleuh31VdQ==
Date: Fri, 11 Oct 2024 20:09:24 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:16:01 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 46959
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig01-ivanti-gui-dl-landesk.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1172236801.img.jpeg/1728620210875/ 93 KB
94 KB 30ms
28ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1172236801.img.jpeg/1728620210875/fig01-ivanti-gui-dl-landesk.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1d3e1ffd86a5653412775034689e08d77352a1a255038f3cf953b76318ac946a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1733a-6242bc1919080"
Age: 223268
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 5RmtYFVe8KhbGSG-mNol6Nd4cZX_M4wlOcQdy0Dzsya3eG96wUZ-rw==
Date: Fri, 11 Oct 2024 20:09:24 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:16:50 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 95034
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig02-ivanti-redirection-download.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2006588417.img.jpeg/1728620263874/ 15 KB
16 KB 19ms
17ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2006588417.img.jpeg/1728620263874/fig02-ivanti-redirection-download.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

933ddaeb7b389ab0803e3e7a1124cd51dcd097514e5e1cff4d4cef50b219779e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "3bfd-6242bc4ba47c0"
Age: 223269
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: WJ3DM08hX0ewJsL5KaZAEFCuNIOnno9aIah75g1LNHq8R8IyFpxMGg==
Date: Fri, 11 Oct 2024 18:00:02 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:17:43 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 15357
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig03-ivanti-redirection-ondemand.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_184115790.img.jpeg/1728620317634/ 8 KB
9 KB 24ms
21ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_184115790.img.jpeg/1728620317634/fig03-ivanti-redirection-ondemand.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

17095b0dfaded492b73f4f6a30412ecb2f7a87a2ebd1f8963d5c5cee3db937bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "2011-6242bc7f24140"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: NwMhT6jWXhyz1k7eAC6p3wNgFMZkBSy0vUxk-TgQukQlR-jvFaR-vQ==
Date: Fri, 11 Oct 2024 17:59:52 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:18:37 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 8209
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig04-ivanti-code-vulnerable.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_853574561.img.jpeg/1728620365076/ 44 KB
46 KB 17ms
17ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_853574561.img.jpeg/1728620365076/fig04-ivanti-code-vulnerable.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

80979b936a389e029f1d96f9b57e39257416add377d59a14c91708c48cc60ae2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "b104-6242bcacead40"
Age: 223435
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: -mnMi5dJSbn55y56iUoewAVrqFDOGEplpNxistxkfNDswvnOcwmglA==
Date: Fri, 11 Oct 2024 17:59:59 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:19:25 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 45316
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-client-index-gsb-users.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_870303825.img.jpeg/1728620426185/ 17 KB
18 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_870303825.img.jpeg/1728620426185/ivanti-client-index-gsb-users.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f53109bc9c1f5eba5a8e47a82b8a8e12de6fdd2c81f0a5320d5cd457708a5324

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "43b0-6242bce717680"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 1uM8H9iV8_ScyNpfo88Wb3vP5mpmDnRdxpWV-SObEpL4jiUxy7mXgQ==
Date: Fri, 11 Oct 2024 17:59:47 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:20:26 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 17328
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig05-ivanti-path-traversal.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1543583598.img.jpeg/1728620510929/ 59 KB
60 KB 10ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1543583598.img.jpeg/1728620510929/fig05-ivanti-path-traversal.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cbe67b5b6fa27d2f9d4f18dba4f940ce8c4a3dbcab1541b5b1023ce4dcea66e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "ebd4-6242bd3733380"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: NlMDzZwroQbuxs4hFfNGyu-FrsNSUSRQn9-r0fFhtTnrZwORVoM5LA==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:21:50 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 60372
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig06-ivanti-path-traversal-vulnerability.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1413617697.img.jpeg/1728620553579/ 126 KB
127 KB 10ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1413617697.img.jpeg/1728620553579/fig06-ivanti-path-traversal-vulnerability.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a364f8998ea88f243a482109d256626e8d7cb72a05eac69ac608c27435241a65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1f626-6242bd6035440"
Age: 223269
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: VyiCxTFlKsDuIj-n28VtC6LywY1fameO2KSBL1nACBpurcgTomwLLg==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:22:33 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 128550
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-csa-management-console.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2028077941.img.jpeg/1728620592057/ 31 KB
32 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2028077941.img.jpeg/1728620592057/ivanti-csa-management-console.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d4edec0e6d150110e180ad38f47e5eab79358d5df97f12e15c73a4b538863451

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "7ada-6242bd8566c00"
Age: 223269
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: RxPZLb5Wq48hG0JNfiWY4sbUINh07ss7HOHAde3Znn0Pu8lFNBAk1g==
Date: Fri, 11 Oct 2024 17:59:48 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:23:12 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 31450
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig07-ivanti-sqli-vulnerabilty-exploitation.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_288801384.img.jpeg/1728620655617/ 173 KB
174 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_288801384.img.jpeg/1728620655617/fig07-ivanti-sqli-vulnerabilty-exploitation.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ad15ab06d640d365a00d41e146660addb01348b2f6878f6ffdc1dc428c67cc19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "2b2af-6242bdc17b9c0"
Age: 223268
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: a4KidZk7kN004NK5JXO3heQGYxeh6lv-f4TSTteRxEFGjeimVlzAMQ==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:24:15 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 176815
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig08-ivanti-setting-timezone-value.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_512758081.img.jpeg/1728620707132/ 25 KB
26 KB 13ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_512758081.img.jpeg/1728620707132/fig08-ivanti-setting-timezone-value.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0e6e31465592638aaa036384d85ebd6e6c56b9178591bceea4a0b815dd06d535

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "6205-6242bdf312ec0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: szrlnKndHvnah0sl3bo6i95MNkcBmFGwM8w-wownjHPhkYxJUoRttg==
Date: Fri, 11 Oct 2024 17:59:58 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:25:07 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 25093
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig09-ivanti-vulnerabie-function.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_156964748.img.jpeg/1728620764864/ 29 KB
31 KB 24ms
24ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_156964748.img.jpeg/1728620764864/fig09-ivanti-vulnerabie-function.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7c37b5d2c568700acb5aa4d6fc9ece9bc0df8882dc473d944a854ade711a696c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "758d-6242be296ef00"
Age: 222085
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 3fP2GnNq2yh7MGe42PeBAytCFhojxl3j_UosmpVk17CGZPwiS0gEEQ==
Date: Fri, 11 Oct 2024 17:59:35 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:26:04 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 30093
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig10-ivanti-time-zone-change.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_546641334.img.jpeg/1728620805020/ 58 KB
59 KB 14ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_546641334.img.jpeg/1728620805020/fig10-ivanti-time-zone-change.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ec5a240780ab83205367dfb9274a408269d2a10d837164fe39eebabd757d9e7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "e618-6242be5088b40"
Age: 223435
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Mh5RttakWxRFdi0PpT_5f7tHjCaTsIwcvy9a5I_Y3eOJyT2fFHOSZA==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:26:45 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 58904
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig11-ivanti-post-variable-timezone.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_879745814.img.jpeg/1728620849864/ 87 KB
89 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_879745814.img.jpeg/1728620849864/fig11-ivanti-post-variable-timezone.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f21e3a5a80821feb91e7bb84d525742fd137c4b336f3ff3f1bb15dc2fcae9d70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "15d27-6242be7a7ee40"
Age: 223268
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: WwWPnEQtJUh_suHDgZ-bOjirDQQ20WFmbjigORDe4kc5dGSTUXxtHg==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:27:29 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 89383
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig12-ivanti-decoded-base64.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1686730515.img.jpeg/1728620888293/ 112 KB
114 KB 18ms
18ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1686730515.img.jpeg/1728620888293/fig12-ivanti-decoded-base64.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8af6fb23ba1c0a4860476b240ba2d05c02ff018f1a93d2caadf7301ed87223d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1c1e7-6242be9fb0600"
Age: 223435
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: wEAaKuGIx49jZPX5ryVz15GTxz_wNjD503lUjqlEBb2IEzAtnZT9HQ==
Date: Fri, 11 Oct 2024 20:09:25 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:28:08 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 115175
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig13-ivanti-broker-conf.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_658029349.img.jpeg/1728620938935/ 31 KB
32 KB 14ms
14ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_658029349.img.jpeg/1728620938935/fig13-ivanti-broker-conf.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0968bbb30f1aef951bb770793756fca4fd75cce26bce318ace9c6e31deddf7f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "7ab8-6242becf5f680"
Age: 223435
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: f1ybR-JkZn2MpUFms340TSnW_RBkc6VCAlHXPYlonWo-DGllD02Edw==
Date: Fri, 11 Oct 2024 17:59:35 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:28:58 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 31416
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig14-ivanti-root-user-private-key.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_669364972.img.jpeg/1728620991417/ 11 KB
13 KB 24ms
24ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_669364972.img.jpeg/1728620991417/fig14-ivanti-root-user-private-key.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bd6f701d7b3abd41679f87c496bc8911a602f247900dfc7ab7cb3a62abe098ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "2cda-6242bf01eadc0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: PzTYGKCoH_qRwh83KZyIyyNKOPdMrhcsCZCremHTxjgAG68liHnx6g==
Date: Fri, 11 Oct 2024 17:59:41 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:29:51 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 11482
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig15-ivanti-postgres-database.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_801722592.img.jpeg/1728621025851/ 96 KB
98 KB 14ms
14ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_801722592.img.jpeg/1728621025851/fig15-ivanti-postgres-database.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b69b5763c6c912b8a1852981c4401647963d63734e234b073d97c0dffbf64206

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "180ac-6242bf2257a40"
Age: 223268
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 9oz3jLGkXN_qD-25heFKJXRje6j1fp6fv09GZcs8X1ka67n0ABTfwg==
Date: Fri, 11 Oct 2024 18:00:01 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:30:25 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 98476
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig16-ivanti-command-injection.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1841058103.img.jpeg/1728621069609/ 111 KB
112 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1841058103.img.jpeg/1728621069609/fig16-ivanti-command-injection.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cff43ffcd3d9feaba4fb1250d800a3b9650a7f65c26f00b196e403cc763ee1d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1bbea-6242bf4c4dd40"
Age: 223268
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: hsMZU8MXpEcOkWYKK7RBgSRXoZCiMYHhjuxeZIhtNnb6GRnLiJcdTg==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:31:09 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 113642
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-malicious-command.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1382954794.img.jpeg/1728621104113/ 16 KB
17 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1382954794.img.jpeg/1728621104113/ivanti-malicious-command.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d3cdd8255b0cabf4568ec33c19f12ef6a3a761ea27bb36f0e1a12d9c4f31a2f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "3ec2-6242bf6daec00"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: yfOA2Ge75gLQaaiLSqF8ARe9KRLQDalSN09ppLU-Bk_EhElhYCpc6w==
Date: Fri, 11 Oct 2024 17:59:44 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:31:44 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 16066
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig17-ivanti-command-injected.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_611292844.img.jpeg/1728621139581/ 18 KB
19 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_611292844.img.jpeg/1728621139581/fig17-ivanti-command-injected.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f797f871bec64d4d54308abab8c7008df6b855a83b59dbc17665e3c4111e7032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "4858-6242bf8f0fac0"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: MlFwPhOTKsfJICElBrEVehq4fUDMu4JqumCAhqliuYOdcD0Ts_G4yw==
Date: Fri, 11 Oct 2024 17:59:58 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:32:19 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 18520
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig18-ivanti-code-vulnerable.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_115137765.img.jpeg/1728621184124/ 70 KB
71 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_115137765.img.jpeg/1728621184124/fig18-ivanti-code-vulnerable.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

c584b5d0f98a654a3857877fa1e3dbb85b0b0e779191ad952af4e14116205e2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "11771-6242bfb9fa000"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: fEFZRHKgaoEGZF1fRIMvWSvm46t7ePOZOZeroLPKspS6zpn-0jcPAg==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:33:04 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 71537
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig19-ivanti-update-function.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2034876463.img.jpeg/1728621223395/ 55 KB
56 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2034876463.img.jpeg/1728621223395/fig19-ivanti-update-function.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5cde97a99252b4ad4fa0d3becd808a64e2b1946feef502515a47aab3f9110f7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "da41-6242bfdf2b7c0"
Age: 223259
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: mg8-ZEFqf1MbwYzKTJvaGO2rd2mHSXd2zS4UVNunuuXlaIvK_o1nHA==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:33:43 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 55873
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig20-ivanti-files-patch.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_450058568.img.jpeg/1728621256835/ 87 KB
88 KB 13ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_450058568.img.jpeg/1728621256835/fig20-ivanti-files-patch.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a9a345b743fb7460be8d7e10ca085ea57901980b67d43151196d36f94a5451cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "15a79-6242bffea4200"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Wk71YmbwwafWwGW-1Hbs-g_s0n8RXIOWt-gySCT6bMbzm1Av3X8Opw==
Date: Fri, 11 Oct 2024 17:59:42 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:34:16 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 88697
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig21-ivanti-patch-script.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1942091345.img.jpeg/1728621289333/ 101 KB
103 KB 14ms
14ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1942091345.img.jpeg/1728621289333/fig21-ivanti-patch-script.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

36186e198e296c76785020a85f35312fbf538fe48f96b8358b01c25cb5b673e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1958b-6242c01e1cc40"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: mbZuQuZqdJItQTYpEdaUWEYtOqcrvnAWutmgnip2IHjuYix3t9EyvQ==
Date: Fri, 11 Oct 2024 19:17:17 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:34:49 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 103819
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-temp-tmp-command.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_479439523.img.jpeg/1728621332478/ 29 KB
30 KB 14ms
14ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_479439523.img.jpeg/1728621332478/ivanti-temp-tmp-command.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

18f5794db26670e34d8df06806be8536dc6520a380dcf67bced51fc8f7ef91e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "73b9-6242c0471ed00"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: rZ59_ajPEXcv3UwU3YeqmKcB3v25FfFhcXRN3kxn5mQEi2oo6PkLgw==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:35:32 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 29625
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig22-ivanti-patch-timestamp.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_280612408.img.jpeg/1728621400402/ 22 KB
24 KB 12ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_280612408.img.jpeg/1728621400402/fig22-ivanti-patch-timestamp.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4aa70a752741f88840c0ae6612f71b6220ac77080c263caa1682cee47d9b39da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "59be-6242c087f8600"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: adiGmNUbExT2D639bvfhd3SelyTUeZGz8DBSSRa3hLhRu953QukELA==
Date: Fri, 11 Oct 2024 17:59:51 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:36:40 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 22974
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig23-ivanti-patch-timestamp-datetimetab.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1121393809.img.jpeg/1728621473905/ 15 KB
16 KB 9ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1121393809.img.jpeg/1728621473905/fig23-ivanti-patch-timestamp-datetimetab.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

643a52fac3e3aae163ef76ad0a2a088d2f31ac2552eff000edc1b495c8fbba32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "3c34-6242c0cd96a40"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: f-OPJ0Yx9nOyGe9Zsiqeqy3p7ZAwllfSdNejcmicQyrxQJzzfbk5zw==
Date: Fri, 11 Oct 2024 17:59:58 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:37:53 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 15412
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig24-ivanti-comparison-code.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1656384028.img.jpeg/1728621510804/ 93 KB
94 KB 15ms
15ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1656384028.img.jpeg/1728621510804/fig24-ivanti-comparison-code.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8ef9e9b7103e38d4509a125612dad3ff98edfd671fa45f01d4d09c3cefa50a8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1737c-6242c0f0dfd80"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: o3r39lKlqBCjpUTetzNAgld1frNgnTIH8HYQ3br6G8S-vob_9YCegg==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:38:30 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 95100
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig25-ivanti-exploitation-testing.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1136962043.img.jpeg/1728621561290/ 129 KB
130 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1136962043.img.jpeg/1728621561290/fig25-ivanti-exploitation-testing.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bb13a80fdd4875e6626de9e2b4ebf7948f3cfe191f73b4dbf31e1247d0239667

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "20339-6242c12183040"
Age: 223259
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: PknMAweZ0y5ZlzPpXvlyVytf9Vm8k7UAM40U3VZRkYBG8g1__vI8zw==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:39:21 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 131897
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig26-ivanti-testing-command-injection.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1958099435.img.jpeg/1728621691327/ 107 KB
108 KB 10ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1958099435.img.jpeg/1728621691327/fig26-ivanti-testing-command-injection.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bec3437c8baa45a6344648c2bb6806831972c5cdd7ae34a16897d6e205092476

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1ab81-6242c19d7d4c0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 7Neqkvv0kuG5J9ul_aqFkhp9PYSxImHM5LH3jw6XQzggoXUxDw8Kcg==
Date: Fri, 11 Oct 2024 20:09:26 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:41:31 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 109441
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-sample-malicious-post.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2136686996.img.jpeg/1728621736636/ 65 KB
66 KB 10ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2136686996.img.jpeg/1728621736636/ivanti-sample-malicious-post.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a8491dacfaed6de53e20ff200c81255fb61def72f2696426a23ec5a05265b28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "10408-6242c1c867a00"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: EIR4-mMmxpolLsDSxIYzUKe60HK8NMajFSuomXL_iL2ObFsd22FWlw==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:42:16 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 66568
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-sqls-remote-code-execution.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_958399012.img.jpeg/1728621780661/ 89 KB
90 KB 13ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_958399012.img.jpeg/1728621780661/ivanti-sqls-remote-code-execution.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d5dc4157271c9d3147055b0f2b85578271417af24cb1cfd197b84194ddaa0bfa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "16350-6242c1f25dd00"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: EY9D6OZfm2R4u1E9bQZBK1Ea42OLz_oLtTRogz7pQ3edu4r-D3mT2A==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:43:00 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 90960
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK table01-ivanti-threat-actor-commands.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_133352251.img.jpeg/1728621923615/ 50 KB
51 KB 12ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_133352251.img.jpeg/1728621923615/table01-ivanti-threat-actor-commands.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

717f11c79608856a33546a50fe20ac984c44c933ba23ea02c851f8f0004df1fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "c75d-6242c27abdec0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: zFIDpzGCeRHPg6TI5SnYUvKwmZfC9Gm3RP081Nf3VQ8U8ixorTKGVA==
Date: Fri, 11 Oct 2024 17:59:48 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:45:23 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 51037
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-powershell-command.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1877150742.img.jpeg/1728621963572/ 77 KB
79 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1877150742.img.jpeg/1728621963572/ivanti-powershell-command.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b0b526b901a7afeac92efcd87a441305a26891bba8bfbb950f4b18f7fd582e59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "134e8-6242c2a0e38c0"
Age: 223259
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ZxJe8XIuaB_1fIkYWJ0kqIBr1LBtNGr9qnB_u5PuFZPwBrs1p5MryA==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:46:03 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 79080
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig27-ivanti-content-1log.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1065565645.img.jpeg/1728622001838/ 51 KB
53 KB 15ms
15ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1065565645.img.jpeg/1728622001838/fig27-ivanti-content-1log.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5fa043f0c7d87051071a76bfcd9a59a537991943ba96fde8cc718c5a0919b45b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "ccf0-6242c2c520e40"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: hNU_2iW49Ae3L3Pcf_u8CS5S3fnVqHSAbzXddzcfloI18-ezb0QXCQ==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:46:41 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 52464
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK table02a-ivanti-threat-actor-commands.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_554353955.img.jpeg/1728661138131/ 1003 KB
1004 KB 23ms
23ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_554353955.img.jpeg/1728661138131/table02a-ivanti-threat-actor-commands.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4af5dacf19bc195010075d202d98f083a444a8572cbc1711fe39225928cb6be1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "faaf9-6243549114880"
Age: 223258
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: dLLLqZ_SVOpcF2VAGO-IDDshfqIQwOnKuwC-2wsiv4WbePpNim1uuQ==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 15:38:58 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1026809
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK table03-ivanti-web-shells.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1145145370.img.jpeg/1728622608310/ 80 KB
82 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1145145370.img.jpeg/1728622608310/table03-ivanti-web-shells.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

92cfae0b0d343d93e5e1d365bb9179904e50407d803588ec009e2bb19e211ea3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "1416e-6242c50802400"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 3HfAO8N-GJCglvwWxeDIth6e7OCTrn0PcM0DMNF5zlo8egXQ_IXzVA==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:56:48 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 82286
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig28-ivanti-brute-force-tooling.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1202021139.img.jpeg/1728622643931/ 37 KB
38 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1202021139.img.jpeg/1728622643931/fig28-ivanti-brute-force-tooling.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2e50f9ae9324af2e1d1803215dfa3b1e4476f62bf1c3d548743835992ca87182

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "9326-6242c529632c0"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: NnKaftnAXeXiq4moiAicdescntcF-ha1OzRi2E_KlC2BtIqfekIeYA==
Date: Fri, 11 Oct 2024 17:59:57 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:57:23 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 37670
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig29-ivanti-content.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1841266866.img.jpeg/1728622674435/ 23 KB
24 KB 13ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1841266866.img.jpeg/1728622674435/fig29-ivanti-content.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

66a9e8a80c33a2f932441adf709f92aecca67782c8c0c5b1e165584d7eb3a291

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "5c88-6242c546f3880"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Yl8_aDpSYZ8SKD1wVfKK4IIQZz83yQz-5iV15SjxMtK2I8kc-YxYUw==
Date: Fri, 11 Oct 2024 17:59:39 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:57:54 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 23688
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-csa-appliance.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_16445584.img.jpeg/1728622709083/ 41 KB
42 KB 10ms
9ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_16445584.img.jpeg/1728622709083/ivanti-csa-appliance.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

188c1c4378ca30c9eef2b446a37c4a7eb75d043f56acf32c35eb0077bb8705a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "a328-6242c56854740"
Age: 223259
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: jTh70-NPW3hn2XJL9wSny5N4S1mxqIyU4YiRp5RDO02yvWISvjhqpw==
Date: Fri, 11 Oct 2024 17:59:45 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:58:29 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 41768
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-php-variables.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_421608083.img.jpeg/1728622739558/ 35 KB
37 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_421608083.img.jpeg/1728622739558/ivanti-php-variables.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f02faad1987312daa96dcd532794b6db4faa8a623306821b9d26235dbea36983

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "8df4-6242c584f0ac0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: b1R6tXhBwuuibEaK81iOWemNcei9Ux0FFqnxmCvRPN2nmXYHm87yjg==
Date: Fri, 11 Oct 2024 18:00:02 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:58:59 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 36340
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-linux-kernel.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_38071269.img.jpeg/1728622775542/ 65 KB
66 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_38071269.img.jpeg/1728622775542/ivanti-linux-kernel.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

644e98e4c6ce7519f77dc6c7401426d231c8f895f550c7f6c514bb4ec302ec6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "10317-6242c5a745bc0"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: v5aVwWELRrcvvV-8NUmrqMFYIcOFdzVH59-XKi_RIi9hy-Jx-AiBZA==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 04:59:35 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 66327
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig30a-ivanti-base64.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1621469609.img.jpeg/1728622837198/ 171 KB
172 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1621469609.img.jpeg/1728622837198/fig30a-ivanti-base64.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

39a543197cee3bd0cac857a39467717e59781b5a8eec38ba40ebcc281e2c78b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "2ac3e-6242c5e266740"
Age: 223436
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: O7WDhk5QNDlizYytWPg8AjlaquuhjpDdbXJiRz5__8getpIrPyPaCg==
Date: Fri, 11 Oct 2024 20:09:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:00:37 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 175166
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig30b-malicious-tar-file-content.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1244035500.img.jpeg/1728622869372/ 14 KB
16 KB 10ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1244035500.img.jpeg/1728622869372/fig30b-malicious-tar-file-content.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

61af4356b1a56a808fbe79a6cd0f96444069b54d9eb1a1576b45c0e0f6bae0c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "38ce-6242c600eaf40"
Age: 223437
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 6I0iKSqbUaHWK3rKO7bX2pwJWUWnvJ16sKsqhLUxFuqIB_XjfqR7yQ==
Date: Fri, 11 Oct 2024 17:59:57 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:01:09 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 14542
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig31-ivanti-rootkit-files.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_460351710.img.jpeg/1728622903847/ 20 KB
21 KB 11ms
10ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_460351710.img.jpeg/1728622903847/fig31-ivanti-rootkit-files.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

17234dc33fee83a6097588da7dc802864fd9af021ff0b48fa73a404e30aa362c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "4f8f-6242c62157bc0"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: KN1njnMHy8EolJBGwGyUl9XLiZj7gD84-8GqXCZYFhyKIvNZepn2Gg==
Date: Fri, 11 Oct 2024 17:59:42 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:01:43 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 20367
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-script-start-param.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1397322820.img.jpeg/1728622948264/ 79 KB
80 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1397322820.img.jpeg/1728622948264/ivanti-script-start-param.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

72a16e82ebbe48c45ef6e2a67f4645444081d0cb72e09324824fc123fc30f6a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "13afb-6242c64c42100"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xs4gTMaaPGcPa_pZ9sEvknKHiRNvrm7CrlsxL0kWB4HcEBXeG13oVg==
Date: Fri, 11 Oct 2024 20:09:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:02:28 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 80635
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-script-second-param.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_281043642.img.jpeg/1728622982349/ 12 KB
14 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_281043642.img.jpeg/1728622982349/ivanti-script-second-param.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f26ae51e214125767e456bc97f886b908749c984035ab7d7432fb11031a2a8e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "31e8-6242c66caed80"
Age: 223437
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 0NqSGTrZFDQ2i3ZXoZmvm7QTqkJQEo8_aef4HP03LEdiNjg5PGlgyQ==
Date: Fri, 11 Oct 2024 17:59:45 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:03:02 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 12776
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK ivanti-code-snippet-path-exists.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1062228048.img.jpeg/1728623065236/ 31 KB
32 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1062228048.img.jpeg/1728623065236/ivanti-code-snippet-path-exists.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

872f233ef34c09bfa33644108af6f2dfce8f77a0e2dc0847882840355efc4820

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "7ad4-6242c6bbd6840"
Age: 223267
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: HQd9_iOudTPgDXXErbD__P9N0OARWc9w9Y-3JFAtIVA-8ufs3MJ3sQ==
Date: Fri, 11 Oct 2024 17:59:41 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:04:25 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 31444
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig32-ivanti-installation-malicious-kernel.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_651532223.img.jpeg/1728623117727/ 23 KB
24 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_651532223.img.jpeg/1728623117727/fig32-ivanti-installation-malicious-kernel.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a462bb85392ef235bc0ab080e8a9ae078a228fb74b3df156cb9f3ce7e20ad9e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "5bd6-6242c6ed6dd40"
Age: 223437
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: qzaLoS7ErDCv96NULXb4eh0XbsJWZySEoOrbwkq4BW6WJIcg6gUNpw==
Date: Fri, 11 Oct 2024 18:00:01 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:05:17 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 23510
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig33-ivanti-establishing-rootkit.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_948091254.img.jpeg/1728623149502/ 67 KB
69 KB 11ms
11ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_948091254.img.jpeg/1728623149502/fig33-ivanti-establishing-rootkit.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e91d19121fbf6ef08ec7ce270a07ef60a36ee454268228a0d698f666c2d9f359

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "10d87-6242c70bf2540"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xC2Ybu-mfxIKXYMSp1QjkEReChpUD9J6jbtxZ5fCWD0klTGvqPCK8Q==
Date: Fri, 11 Oct 2024 20:09:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:05:49 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 68999
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK fig34-ivanti-rootkit-persistence.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_89044911.img.jpeg/1728623190397/ 57 KB
58 KB 12ms
12ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_89044911.img.jpeg/1728623190397/fig34-ivanti-rootkit-persistence.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

931a1bc91c7b780d9df916bdbd551447e2b0d742a0ff1bdd7a6dbb5f42619b39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "e339-6242c7330c180"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 2N-ZOlB7jHpbhQ_QXg2v80nUKciskpv6Ihd_BSzsySExLz3_Z3G93A==
Date: Fri, 11 Oct 2024 20:09:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 05:06:30 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 58169
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H/1.1 200
OK table04-ivanti-mitre-mapping.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_256695740.img.jpeg/1728661530772/ 94 KB
96 KB 13ms
13ms Image
image/jpeg 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_256695740.img.jpeg/1728661530772/table04-ivanti-mitre-mapping.jpeg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a127f5d38a4a71d09b04fe89ab3c7cea05b5d20997a702855f66bcf3c0393cd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
ETag: "178fb-62435606eba80"
Age: 223266
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: yL7BLJEhnz_H1MYgzzeW4eVwIMGYj-ge8lkQWHLCiw0P3K0Be-2BFg==
Date: Fri, 11 Oct 2024 20:09:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Oct 2024 15:45:30 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=684000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 96507
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 20ms
19ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: Bh9exWOPGIwRshWljrtlEw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8D89735260901BC
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 48632
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/javascript
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 196e3d49-701e-0078-0644-149a7b000000
cf-ray: 8d25ecb00909bb49-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79698
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/4ee482d4-0cd8-4c59-918a-90483d5b8131/ 100 KB
24 KB 26ms
26ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/4ee482d4-0cd8-4c59-918a-90483d5b8131/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ef912a5bf1fec350dc9d14102bcf1965471f16a57a890bdc5fc06bc4404370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: 0twb7zWjuAt4bYR0sykmNQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC07DF2D729AA1
age: 5393
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 15 Oct 2024 07:41:00 GMT
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/json
last-modified: Thu, 28 Dec 2023 19:57:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: e188dc81-601e-007a-1f61-13f9c7000000
cf-ray: 8d25ecb07d99dc68-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24175
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 9 KB
3 KB 23ms
20ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: SH1nUCPouc1JVrHnvxpQbg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8D89735210A49EB
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 33002
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/json
last-modified: Thu, 03 Dec 2020 02:42:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: df6352b5-e01e-0018-22d2-21e6e4000000
cf-ray: 8d25ecb0be7ddc68-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2857
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 45 KB
12 KB 17ms
16ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

content-md5: zNsRoM1FEmsEgJoYMCNTng==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8D897352245C4EA
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 6005
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 07:41:00 GMT
content-type: application/json
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ecfe8c79-601e-0080-574e-79c685000000
cf-ray: 8d25ecb0be7fdc68-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11755
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 launch-EN23cb8375449840dc93b13f34d935b8b9.min.js Show response
assets.adobedtm.com/ 509 KB
122 KB 34ms
12ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 62ccea4549c1c360f561987e20bd929c475a5f596bc7731a224d99e0d253cfa0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "af0a8014ad3a875765ca4dd5d5ca9349:1728346478.684687"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 124284
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Tue, 08 Oct 2024 00:14:38 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 35 KB
13 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "d8232f86c8016a8e0acaa7ecfdf72b3e:1722493571.189276"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 13012
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "bb4b6453e3ab80111a2b227318d22efb:1722493571.614634"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 1597
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 483ms
165ms Script
application/javascript 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: private, proxy-revalidate, max-age=10800
content-encoding: gzip
etag: "66fb91ae-111bb"
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 10:41:01 GMT
accept-ranges: bytes
content-length: 18819
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 01 Oct 2024 06:07:42 GMT

GET
H2 200 RCac955f2e1e97429197e1e31aaec22e86-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/ 1 KB
940 B 8ms
8ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/RCac955f2e1e97429197e1e31aaec22e86-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b0c24ca8333c5e792fdbb0d0a02529e99999ae19484c6e304c4cc8ce4535d485

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "225c19abfa23b85abbde0df936bb4145:1728346480.074291"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 683
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Tue, 08 Oct 2024 00:14:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC448863e9e05a4b4880daa4a5fb7da328-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/ 358 B
483 B 8ms
7ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 608f95c0544308eaef8ee3554248e93e668f323fb954f584ddc12cd65947d251

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "225c19abfa23b85abbde0df936bb4145:1728346480.074291"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 227
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Tue, 08 Oct 2024 00:14:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H/1.1 200
OK footer-links.json Show response
www.fortinet.com/content/dam/fortinet-blog/ 310 KB
36 KB 12ms
12ms XHR
application/json 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/footer-links.json

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9c2bfadf1fe546bd3872bf81e8477e95faff0104f3b9b888bc47cff4ffe88a36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "4d8dc-61d89b0f78340-gzip"
Age: 7564410
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: eAYGF14StmAzLkJCMANQE1AL9sMa_Abd8gTGkMgmm4CG4uEHmJOrtA==
Date: Mon, 14 Oct 2024 01:41:09 GMT
Content-Type: application/json
Vary: Accept-Encoding
Last-Modified: Thu, 18 Jul 2024 18:24:37 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
X-Dispatcher: dispatcher2uswest1-28559771
Connection: keep-alive
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 35378
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

GET
H2 200 optOutStatus Show response
dpm.demdex.net/ 41 B
542 B 106ms
35ms XHR
application/json 52.31.162.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/optOutStatus?d_visid_ver=5.5.0&d_rtbd=json&d_ver=2&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1728891661226

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.31.162.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-162-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e5873dbdaa376d924cfa4b2ba4b1622d4e6e483866e2b7bc24ef3007ff5960e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.fortinet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v066-0f9922371.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: eBLHC5yETkU=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.fortinet.com
content-length: 60
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2

200

s28484145504545
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/
Redirect Chain

https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fid=2D845914EE927843-360FDE4640711ADB&ce=UTF-8&page...
https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&pccr=true&vidn=33866586C3BC9AB6-600005CC80A090A8&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fi...

43 B
250 B

21ms
21ms

Image
image/gif

63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&pccr=true&vidn=33866586C3BC9AB6-600005CC80A090A8&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fid=2D845914EE927843-360FDE4640711ADB&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Protocol

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3712766571483758592-4618630898954436878
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 07:41:01 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Mon, 14 Oct 2024 07:41:01 GMT
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Oct 2024 07:41:01 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
location: https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s28484145504545?AQB=1&pccr=true&vidn=33866586C3BC9AB6-600005CC80A090A8&ndh=1&pf=1&t=14%2F9%2F2024%209%3A41%3A1%201%20-120&fid=2D845914EE927843-360FDE4640711ADB&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
pragma: no-cache
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 07:41:01 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 0
date: Mon, 14 Oct 2024 07:41:01 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
vary: Origin
server: jag
last-modified: Tue, 15 Oct 2024 07:41:01 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 166ms
165ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.fortinet.com
content-length: 7
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: text/html
access-control-allow-headers: *

GET
H2 200 / Show response
ipv6.6sc.co/ 35 B
336 B 25ms
9ms XHR
text/html 2a02:26f0:7100::210:180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 56a67aeda7dadd8cbfd946ef015a1ffd3261be2e0e8ffc3fa7411f1e48d9951f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: max-age=0, no-cache, no-store
pragma: no-cache
6si-ipv6: 2001:ac8:20:3d00:1012:fa32:7ce:6690
expires: Mon, 14 Oct 2024 07:41:01 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728891661759_34603388_465599146_23_1077_5_10_219";dur=1
access-control-allow-origin: https://www.fortinet.com
content-length: 35
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: text/html
vary: Origin

GET
H2 200 RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/ 2 KB
981 B 9ms
9ms Script
application/x-javascript 2a02:26f0:480:9b4::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/ab0aba23da95/RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b4::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a23b68a0964626bb4062bf726dd4ab52d438dcfb88991402b224146d1087d1a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "225c19abfa23b85abbde0df936bb4145:1728346480.074291"
expires: Mon, 14 Oct 2024 08:41:01 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.fortinet.com
content-length: 724
date: Mon, 14 Oct 2024 07:41:01 GMT
content-type: application/x-javascript
last-modified: Tue, 08 Oct 2024 00:14:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H/1.1 200
OK favicon.ico
www.fortinet.com/etc/designs/fortinet-blog/ 318 B
2 KB 10ms
10ms Other
image/vnd.microsoft.icon 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet-blog/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost: publish
Content-Encoding: gzip
ETag: "13e-565c628eb6a00-gzip"
Age: 901709
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: jMhgw0vuBywVEPybMg0vkG3xPA5FS_gCMOGgRnV5Rls4B9W8aUHWUQ==
Date: Fri, 04 Oct 2024 00:14:09 GMT
Content-Type: image/vnd.microsoft.icon
Last-Modified: Thu, 22 Feb 2018 05:17:28 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Cache-Control: max-age=2000000, public
X-Dispatcher: dispatcher1uswest1-28559594
Connection: keep-alive
Via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 133
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P3
Server: Apache

OPTIONS
H2 200 details
eps.6sc.co/v3/company/ 0
0 34ms
8ms Preflight 99.83.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.231.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.fortinet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.fortinet.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
content-length: 0
date: Mon, 14 Oct 2024 07:41:01 GMT
timing-allow-origin: https://6sense.com
x-6si-region

GET
H2 200 details Show response
eps.6sc.co/v3/company/ 650 B
587 B 160ms
143ms XHR
application/json 99.83.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.231.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash: 5640e819dc4e1d06cf9f3bfec1665157cc2a3bc94c265ae78a0a7945943445a6

Request headers

Authorization: Token 7381d1d7c753fe2d8e217c3fdc44c0f17418dcc4
X-6s-CustomID: WebTag1.0 5eeecf22b2d12a77a14639dce97b7a36
Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-6si-Region
timing-allow-origin: https://6sense.com
content-encoding: gzip
x-6si-region
access-control-allow-credentials: true
access-control-allow-origin: https://www.fortinet.com
content-length: 327
date: Mon, 14 Oct 2024 07:41:02 GMT
content-type: application/json
vary: Origin, Accept-Encoding

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fortinet.com/	1970-01-21 09:00:27	Name: cookiesession1 Value: 678A3E22EC962BB5D83EE169EB6876EF
.fortinet.com/	1970-01-21 09:00:27	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Oct+14+2024+09%3A41%3A00+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.10.0&hosts=&consentId=19704bd7-d0a3-4f80-a747-a93ed82994f3&interactionCount=0&landingPath=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.fortinet.com/	1970-01-21 09:50:51	Name: s_fid Value: 2D845914EE927843-360FDE4640711ADB
.fortinet.com/	1970-01-21 00:14:53	Name: gpv_pn Value: www.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
.fortinet.com/	1970-01-21 02:24:27	Name: s_getNewRepeat Value: 1728891661337-New
.fortinet.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.fortinet.com/	1970-01-21 09:50:51	Name: s_vi Value: [CS]v1\|33866586C3BC9AB6-600005CC80A090A8[CE]
www.fortinet.com/	1970-01-21 00:16:19	Name: aa_cc Value: DE
www.fortinet.com/	1970-01-21 00:16:19	Name: aa_cn Value: DE
www.fortinet.com/	1970-01-21 00:24:56	Name: AWSALB Value: 99v8i9XNloquZ/PvEYfwBUsrCumwtXgXgPCQIPDHLKFpOUQ58qVBmn6rbNvdEkN8G2RZxoH9A1rqF4JuwkJ8y3Vg5Br8Itw5WEHfIkRxls/iscUkF5Z1fnNWK7pP3uZFZ8+Ct46QfRuDBVi1VSnYU/WZqgcRafn4NV/fnayfCotatsOeeotA3ph4QDq8gAHl+EV4MpVd3B9tsTTxCr9J8KU18Kzfpp2n
www.fortinet.com/	1970-01-21 00:24:56	Name: AWSALBCORS Value: STBQZNrEwUbJ8jmDVwJrCXXS9q51cCcl6awk4n8ybu/us2L6oe7jaJaQRZIEBIBKIffF/EhuGUdy6JRW2FqTRqJ7AauD7/mmzIRRvdiwJrp/2/lQfdfw8Ay+ZOzCmYmSBXc0R4Fg/mGKgMa/Ws7y0hVRQwgO52zP9RKd7LrN9sV1BVphd09taRDVyHo7U4WyHPA/TyBQEIYsxSC3bsij+rS2r7Sq5aP9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa Message: The resource https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa Message: The resource https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
c.6sc.co
cdn.cookielaw.org
dpm.demdex.net
eps.6sc.co
geolocation.onetrust.com
ipv6.6sc.co
j.6sc.co
metrics.fortinet.com
www.fortinet.com
23.53.43.58
2606:4700:4400::6812:2089
2606:4700::6812:562a
2a02:26f0:480:9b4::1e80
2a02:26f0:7100::210:180
2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd
52.31.162.222
63.140.62.17
99.83.231.3
0968bbb30f1aef951bb770793756fca4fd75cce26bce318ace9c6e31deddf7f6
0e6e31465592638aaa036384d85ebd6e6c56b9178591bceea4a0b815dd06d535
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
17095b0dfaded492b73f4f6a30412ecb2f7a87a2ebd1f8963d5c5cee3db937bd
17234dc33fee83a6097588da7dc802864fd9af021ff0b48fa73a404e30aa362c
18041a7dd2be9d4ba5469edca86d5bd763e3bdcae7a83c5559c618bf4be83f0f
188c1c4378ca30c9eef2b446a37c4a7eb75d043f56acf32c35eb0077bb8705a6
18f5794db26670e34d8df06806be8536dc6520a380dcf67bced51fc8f7ef91e1
1a8491dacfaed6de53e20ff200c81255fb61def72f2696426a23ec5a05265b28
1d3e1ffd86a5653412775034689e08d77352a1a255038f3cf953b76318ac946a
26b37b2982358112ad578340484a7de6274a19db3fb6ea13f0b4e2d89e35f566
2e50f9ae9324af2e1d1803215dfa3b1e4476f62bf1c3d548743835992ca87182
36186e198e296c76785020a85f35312fbf538fe48f96b8358b01c25cb5b673e8
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
39a543197cee3bd0cac857a39467717e59781b5a8eec38ba40ebcc281e2c78b0
443f47f0ae01cec5b4bc117dffb451485e147a54865efa7c820320e68cb55909
452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7
46ef912a5bf1fec350dc9d14102bcf1965471f16a57a890bdc5fc06bc4404370
4aa70a752741f88840c0ae6612f71b6220ac77080c263caa1682cee47d9b39da
4af5dacf19bc195010075d202d98f083a444a8572cbc1711fe39225928cb6be1
5640e819dc4e1d06cf9f3bfec1665157cc2a3bc94c265ae78a0a7945943445a6
56a67aeda7dadd8cbfd946ef015a1ffd3261be2e0e8ffc3fa7411f1e48d9951f
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
5cde97a99252b4ad4fa0d3becd808a64e2b1946feef502515a47aab3f9110f7c
5fa043f0c7d87051071a76bfcd9a59a537991943ba96fde8cc718c5a0919b45b
608f95c0544308eaef8ee3554248e93e668f323fb954f584ddc12cd65947d251
61af4356b1a56a808fbe79a6cd0f96444069b54d9eb1a1576b45c0e0f6bae0c5
62ccea4549c1c360f561987e20bd929c475a5f596bc7731a224d99e0d253cfa0
643a52fac3e3aae163ef76ad0a2a088d2f31ac2552eff000edc1b495c8fbba32
644e98e4c6ce7519f77dc6c7401426d231c8f895f550c7f6c514bb4ec302ec6a
66a9e8a80c33a2f932441adf709f92aecca67782c8c0c5b1e165584d7eb3a291
717f11c79608856a33546a50fe20ac984c44c933ba23ea02c851f8f0004df1fd
727d19bf895438013bb188825e546dd6e61f80c2a4ea8e7b6e978b96bab546f4
72a16e82ebbe48c45ef6e2a67f4645444081d0cb72e09324824fc123fc30f6a0
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
7c37b5d2c568700acb5aa4d6fc9ece9bc0df8882dc473d944a854ade711a696c
80979b936a389e029f1d96f9b57e39257416add377d59a14c91708c48cc60ae2
872f233ef34c09bfa33644108af6f2dfce8f77a0e2dc0847882840355efc4820
8998282f5a80fff5eaafdbd457dd7a81af0cd7c8696bfe032a6aeef8fe67f99f
8af6fb23ba1c0a4860476b240ba2d05c02ff018f1a93d2caadf7301ed87223d7
8e541dcf6b3eed0334c0309003af2e1851e7cf4d2d881b2f6d79819287fe15e3
8ef9e9b7103e38d4509a125612dad3ff98edfd671fa45f01d4d09c3cefa50a8f
92cfae0b0d343d93e5e1d365bb9179904e50407d803588ec009e2bb19e211ea3
931a1bc91c7b780d9df916bdbd551447e2b0d742a0ff1bdd7a6dbb5f42619b39
933ddaeb7b389ab0803e3e7a1124cd51dcd097514e5e1cff4d4cef50b219779e
94633716497a85d800b6e573953942c4cfe483c0dbd68fa97fd01dd97ced5d66
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d
9c2bfadf1fe546bd3872bf81e8477e95faff0104f3b9b888bc47cff4ffe88a36
a127f5d38a4a71d09b04fe89ab3c7cea05b5d20997a702855f66bcf3c0393cd5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a23b68a0964626bb4062bf726dd4ab52d438dcfb88991402b224146d1087d1a7
a364f8998ea88f243a482109d256626e8d7cb72a05eac69ac608c27435241a65
a462bb85392ef235bc0ab080e8a9ae078a228fb74b3df156cb9f3ce7e20ad9e6
a9a345b743fb7460be8d7e10ca085ea57901980b67d43151196d36f94a5451cb
ad15ab06d640d365a00d41e146660addb01348b2f6878f6ffdc1dc428c67cc19
b0b526b901a7afeac92efcd87a441305a26891bba8bfbb950f4b18f7fd582e59
b0c24ca8333c5e792fdbb0d0a02529e99999ae19484c6e304c4cc8ce4535d485
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15
b3f4fd3661f04c2c6374215073e85cb8c5c938ee783677f40e85151989c39d97
b69b5763c6c912b8a1852981c4401647963d63734e234b073d97c0dffbf64206
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb13a80fdd4875e6626de9e2b4ebf7948f3cfe191f73b4dbf31e1247d0239667
bd6f701d7b3abd41679f87c496bc8911a602f247900dfc7ab7cb3a62abe098ee
bec3437c8baa45a6344648c2bb6806831972c5cdd7ae34a16897d6e205092476
c584b5d0f98a654a3857877fa1e3dbb85b0b0e779191ad952af4e14116205e2c
cbe67b5b6fa27d2f9d4f18dba4f940ce8c4a3dbcab1541b5b1023ce4dcea66e0
cff43ffcd3d9feaba4fb1250d800a3b9650a7f65c26f00b196e403cc763ee1d4
d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
d3cdd8255b0cabf4568ec33c19f12ef6a3a761ea27bb36f0e1a12d9c4f31a2f5
d4edec0e6d150110e180ad38f47e5eab79358d5df97f12e15c73a4b538863451
d5dc4157271c9d3147055b0f2b85578271417af24cb1cfd197b84194ddaa0bfa
d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
e5873dbdaa376d924cfa4b2ba4b1622d4e6e483866e2b7bc24ef3007ff5960e7
e91d19121fbf6ef08ec7ce270a07ef60a36ee454268228a0d698f666c2d9f359
ec5a240780ab83205367dfb9274a408269d2a10d837164fe39eebabd757d9e7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f02faad1987312daa96dcd532794b6db4faa8a623306821b9d26235dbea36983
f21e3a5a80821feb91e7bb84d525742fd137c4b336f3ff3f1bb15dc2fcae9d70
f26ae51e214125767e456bc97f886b908749c984035ab7d7432fb11031a2a8e3
f53109bc9c1f5eba5a8e47a82b8a8e12de6fdd2c81f0a5320d5cd457708a5324
f797f871bec64d4d54308abab8c7008df6b855a83b59dbc17665e3c4111e7032
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.fortinet.com Open in urlscan Pro 2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

99 %HTTPS

56 %IPv6

6 Domains

10 Subdomains

10 IPs

3 Countries

5387 kBTransfer

7269 kBSize

11 Cookies

15 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fortinet.com Open in urlscan Pro
2a05:d014:f3c:6c02:209f:ae6c:3c6e:e3dd Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

99 %
HTTPS

56 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

5387 kB
Transfer

7269 kB
Size

11
Cookies

87 HTTP transactions
2 data transactions