urlscan.io logo urlscan.io
SecurityTrails logo

www.horizon3.ai Open in urlscan Pro
104.197.16.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Submission: On May 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 20 domains to perform 127 HTTP transactions. The main IP is 104.197.16.226, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.horizon3.ai. The Cisco Umbrella rank of the primary domain is 973242.
TLS certificate: Issued by R3 on May 5th 2024. Valid for: 3 months.
This is the only time www.horizon3.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.197.16.226 396982 (GOOGLE-CL...)
78 2400:52e0:1e0... 200325 (BUNNYCDN)
1 54.174.246.212 14618 (AMAZON-AES)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.117.77.79 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 52.54.96.194 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 34.120.220.80 396982 (GOOGLE-CL...)
1 151.101.193.140 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.215.172.219 14618 (AMAZON-AES)
127 24
7    104.197.16.226 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.16.197.104.bc.googleusercontent.com
www.horizon3.ai
78    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
p7i3u3x3.rocketcdn.me
1    54.174.246.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-246-212.compute-1.amazonaws.com
boards.greenhouse.io
4    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    2606:4700::6810:762b (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
pi.pardot.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2606:4700:20::ac43:44c4 (United States)

ASN13335 (CLOUDFLARENET, US)
io.clickguard.com
3    34.120.220.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.220.120.34.bc.googleusercontent.com
cdn.dreamdata.cloud
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::681a:d98 (United States)

ASN13335 (CLOUDFLARENET, US)
pulse.clickguard.com
1    3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com
go.horizon3.ai
Apex Domain
Subdomains		 Transfer
78 rocketcdn.me
p7i3u3x3.rocketcdn.me
1 MB
8 horizon3.ai
www.horizon3.ai — Cisco Umbrella Rank: 973242
go.horizon3.ai
215 KB
7 gstatic.com
fonts.gstatic.com
192 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 338
www.linkedin.com — Cisco Umbrella Rank: 619
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
4 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
21 KB
3 dreamdata.cloud
cdn.dreamdata.cloud — Cisco Umbrella Rank: 50976
43 KB
3 clickguard.com
io.clickguard.com — Cisco Umbrella Rank: 60936
pulse.clickguard.com — Cisco Umbrella Rank: 52537
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
288 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
308 B
2 reddit.com
pixel-config.reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1376
761 B
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 5415
4 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1160
13 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1937
11 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
132 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
254 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 803
17 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4715
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
17 KB
1 greenhouse.io
boards.greenhouse.io — Cisco Umbrella Rank: 45862
2 KB
127 20
Domain Requested by
78 p7i3u3x3.rocketcdn.me www.horizon3.ai
7 fonts.gstatic.com www.horizon3.ai
7 www.horizon3.ai www.horizon3.ai
p7i3u3x3.rocketcdn.me
5 px.ads.linkedin.com 3 redirects snap.licdn.com
4 cdn.jsdelivr.net www.horizon3.ai
3 cdn.dreamdata.cloud www.horizon3.ai
cdn.dreamdata.cloud
3 www.googletagmanager.com www.horizon3.ai
www.googletagmanager.com
2 pulse.clickguard.com io.clickguard.com
2 region1.analytics.google.com www.googletagmanager.com
2 pi.pardot.com www.horizon3.ai
pi.pardot.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 ml314.com www.horizon3.ai
ml314.com
2 code.jquery.com www.horizon3.ai
1 go.horizon3.ai pi.pardot.com
1 www.google.de www.horizon3.ai
1 stats.g.doubleclick.net www.googletagmanager.com
1 px4.ads.linkedin.com www.horizon3.ai
1 www.linkedin.com 1 redirects
1 alb.reddit.com www.horizon3.ai
1 pixel-config.reddit.com www.redditstatic.com
1 io.clickguard.com www.googletagmanager.com
1 snap.licdn.com www.horizon3.ai
1 ws.zoominfo.com www.horizon3.ai
1 cdnjs.cloudflare.com www.horizon3.ai
1 boards.greenhouse.io www.horizon3.ai
127 25
Subject Issuer Validity Valid
www.horizon3.ai
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.rocketcdn.me
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.greenhouse.io
R3		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2024-04-26 -
2024-07-25		 3 months crt.sh
zoominfo.com
E1		 2024-05-20 -
2024-08-18		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
clickguard.com
GTS CA 1P5		 2024-05-13 -
2024-08-11		 3 months crt.sh
cdn.dreamdata.cloud
GTS CA 1D4		 2024-04-30 -
2024-07-29		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google.de
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
go.horizon3.ai
R3		 2024-05-04 -
2024-08-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Frame ID: 46164C855B1093E2C9172BF634963C52
Requests: 126 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive – Horizon3.ai

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

127
Requests

99 %
HTTPS

63 %
IPv6

20
Domains

25
Subdomains

24
IPs

3
Countries

2135 kB
Transfer

6283 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3527860%26time%3D1717099542949%26url%3Dhttps%253A%252F%252Fwww.horizon3.ai%252Fattack-research%252Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&cookiesTest=true&liSync=true&e_ipv6=AQLH1zxPusItYAAAAY_LG7yYa4lZOAbGzhEiBLvsZf1tGCgdvH3NTZoqeJOpUvy6nA0wb-FIlWekO29eN7LmiFbhpfvuSg

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/ 		463 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
a61cce9d5adf6f563f4c6bfae313901e64290e136f363e1853f6a0d96f052732
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 20:05:42 GMT
last-modified
Tue, 28 May 2024 08:37:44 GMT
link
<https://www.horizon3.ai/wp-json/>; rel="https://api.w.org/" <https://www.horizon3.ai/wp-json/wp/v2/posts/260622>; rel="alternate"; type="application/json" <https://www.horizon3.ai/?p=260622>; rel=shortlink
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-tec-api-origin
https://www.horizon3.ai
x-tec-api-root
https://www.horizon3.ai/wp-json/tribe/events/v1/
x-tec-api-version
v1
x-xss-protection
"1; mode=block"
style.min.css
p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/ 		111 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ddf637-1bae5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8e7d8bcf662e4ece107339204461e858
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3>; rel="canonical"
cdn-requestpullsuccess
True
aiwp-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/ 		98 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-62"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bcd1ef78eff34970687c2cf0c646d807
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0>; rel="canonical"
cdn-requestpullsuccess
True
cookie-law-info-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:49 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9d9-c22"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
90aa5e8ad8bd4daddd30917619e34402
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.2>; rel="canonical"
cdn-requestpullsuccess
True
cookie-law-info-gdpr.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:49 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9d9-6a71"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
16399eb0473c9e41653dd50a67b59b69
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.2>; rel="canonical"
cdn-requestpullsuccess
True
et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/ 		199 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css?ver=1716936066
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
8cd9f7a987ec2f62408533ab4ac13ef1e7b1cd9300f4d28b721cbe71e13dc50d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 22:41:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"66565d86-31b96"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2896e46f82e44f87d3337a0bef07235d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css?ver=1716936066>; rel="canonical"
cdn-requestpullsuccess
True
et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/ 		5 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622.css?ver=1716936066
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
42533cfc647d950631655f901e1cdebdeab3737487d6c3d848b2440ad12b1465
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 22:41:06 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"66565d82-14ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0fbcf4a4ccb3406e9b9c6c0cb8492466
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622.css?ver=1716936066>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/ 		152 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
751a73d9a95700a13e0592a06cfa3680c9a50f8105bcc1332b4ed0b92dc78ca2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9db-25f4a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d57673d9de5bb3d882635cee2273f324
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-1196f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
5a45e49bef1eda7e3f658cccd45ab5f8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/ 		80 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-140f1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
08b62f6f471e0b7df4fefc36124119d3
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/ 		86 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
nginx
etag
W/"65fb3d24-15755"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/ 		421 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d0606dcbe3bc47a9ff10d8bc52b0042c2040bed75c8382bcb534230aea248d3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-69547"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2570cfec9561ca3d658bbe3576f366fe
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/ 		86 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.2.8
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
nginx
etag
W/"65fb3d24-15755"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
magnific_popup.css
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-1946"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a6550e3563430136796f55a499afeb26
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
swiper.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-5865"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
237338a9980502e406ab55626a5ec32a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
popup.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-1389"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8d19786cc527c80f7113c7725d81b89c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
animate.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		83 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-14d7b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
484092a3894cd1843dfb7d423da2395a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
readmore.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-6bd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
03f13c0d8651d3e4628a3d65535569ed
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97>; rel="canonical"
cdn-requestpullsuccess
True
jquery.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
9a80bb7594638418fe10205736b5f102
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6482bd64-3509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
544930ad53d705b5c1c633c352a5c107
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
aiwp-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/ 		913 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-391"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
eba250e41291c1ba801b6b3287ae4a97
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
cookie-law-info-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:49 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9d9-8589"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a88a21a4b1beb46a7e6d1ee07c42f3c3
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/ 		486 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.9
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Dec 2023 18:17:30 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65808cba-1e6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ed6d04cb13b9d586fe30c6e1f9e66bc6
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.9>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
divi-filter-loadmore.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9db-2147"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6905956a08921312ba93bd91031b26e4
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
et-divi-customizer-global.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1716936048
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
193cde4c958b95fe277c44a7c8d59f58b9d9069f6cdd0e30c72e6cf2dff29cce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 22:40:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"66565d70-3474"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
b5649c17fdc3777740c6c9d78f4ae075
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1716936048>; rel="canonical"
cdn-requestpullsuccess
True
et-core-unified-tb-242536-tb-4381-tb-243092-deferred-260622.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/ 		83 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-260622.min.css?ver=1716936070
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3a90b9f96a76c6d7ee4e890525f1bcfc1885627aa8e8d75f795186875171582c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 22:41:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"66565d86-14a0c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
53115be37c441537dad2eab50fa06174
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/260622/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-260622.min.css?ver=1716936070>; rel="canonical"
cdn-requestpullsuccess
True
Email_Logo.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/Email_Logo.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
8488
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fe-2128"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ec7b5f4d6d2c3d5b5e743282018d82c0
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/08/Email_Logo.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
12820
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1900-3214"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
663562c6891334fcf79926429bdca321
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/ 		470 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 16:07:20
cdn-pullzone
1682947
content-length
470
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18f7-1d6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bd8a979d6e57e2dcf2e5df05be6731d3
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
8788
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f085ad-2254"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bb90a4fc138a0f02dd10e370b8e1a2d6
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
entra_compromise_2-980x367.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
15310
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 May 2024 00:33:44 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664bebe8-3bce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d3c44bdad6c863c69bf68275210d2db8
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Wild-Bird-Eagle-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
11066
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Mar 2024 23:01:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65ef8d41-2b3a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d027859876261d4b7224b04a938d0bac
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
24-VSA-CV.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		20 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/24-VSA-CV.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
eb26d806205f76aa405e71e7e08897babf02c5ff4d8c8e54284b8fd8f03e9906
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
20780
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 May 2024 15:32:35 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664b6d13-512c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
50cac10a60dc66961707c77cab78036d
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/24-VSA-CV.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-SA-Badge-24.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/400x250-Award-SA-Badge-24.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b0dba2938a5a6e40fead832afd0ecf705d90368500d81d1a7644b48349eedc89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
13966
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 May 2024 20:50:45 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"663be5a5-368e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6cccec2fba42604220b974a7d7009d9c
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/400x250-Award-SA-Badge-24.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-16-at-9.08.43%E2%80%AFAM-1.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		72 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-16-at-9.08.43%E2%80%AFAM-1.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
99c8e52f4537382952c1c4bc6cfc666491f6ab0b16f5e72f48b4e432204e2b8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
74070
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 12:14:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6655cab8-12156"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
1093e667e8491bda7295c5e5ff53537c
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-16-at-9.08.43%E2%80%AFAM-1.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-17-at-10.54.52%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.54.52%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9531dd9e8a1aec3b9d6de4f21d39bacde94d61adb18b9bf5df62e500d2dc5379
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
33568
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 May 2024 14:55:23 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"66476fdb-8320"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
28379ad1118d39bde8eb2356ea22adcf
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.54.52%E2%80%AFAM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-17-at-10.56.27%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.56.27%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ce152df754b25a3fcd668688155c288f268481561aa6e31bd8542544be1ef9aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
14562
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 May 2024 14:56:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"66477038-38e2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
79c5a281599046cc9767aad1d8900753
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.56.27%E2%80%AFAM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-17-at-10.58.19%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.58.19%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
56225395e4b09aad955dcebc4d496e651880814e0a036a593bd667194b78a64c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
11030
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 May 2024 15:01:37 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"66477151-2b16"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2c7f004875e653f85fe8a31c7639d5fb
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-10.58.19%E2%80%AFAM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-17-at-11.07.31%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-11.07.31%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ff4e0b124a2548dda364996cb7b7ef5b7cb657f0906309bc9a501cb0b46ff666
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
17652
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 May 2024 15:09:23 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"66477323-44f4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
fb0dc9182ccd41ec61fcf6045bea9e95
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-17-at-11.07.31%E2%80%AFAM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-20-at-9.57.13%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-20-at-9.57.13%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9c2c18aa2a9a6b68a008445912b9e1c619c971ef03702798bce62150e3f95f0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
65146
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 May 2024 14:05:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664b5895-fe7a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
056b62936d8b7a2aa68eb7f2d4718ff9
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-20-at-9.57.13%E2%80%AFAM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-05-20-at-10.26.10%E2%80%AFAM-768x332.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/Screenshot-2024-05-20-at-10.26.10%E2%80%AFAM-768x332.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
488beee138113684a258f1a98e1a3567f3dec58b9417dbd0d610e3c6f329f656
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
15092
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 May 2024 14:28:44 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664b5e1c-3af4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0d9d662a6b707bc4f3b239113d1bfec4
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/Screenshot-2024-05-20-at-10.26.10%E2%80%AFAM-768x332.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
streamlinehq-cog-approved-interface-essential-100.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
1462
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fd-5b6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2a4ece32db68087e9b132c2219e420cb
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
logo-cookieyes.svg
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 16:07:20
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:49 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9d9-a15"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
853c5c2887831210a7f3227a02e9fccd
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
js
boards.greenhouse.io/embed/job_board/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boards.greenhouse.io/embed/job_board/js?for=horizon3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.174.246.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-246-212.compute-1.amazonaws.com
Software
/
Resource Hash
ca6b4344f9f7607f872805d649e08b60c471d9a7ebba897f9f08bc07b16310fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.007014
date
Thu, 30 May 2024 20:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
W/"ca6b4344f9f7607f872805d649e08b60"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
592f2f6751ec6c29653b0f13ef50fd49
mediaelementplayer-legacy.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"5f735862-2bf8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d0862e4b39059fb5fb953c851f56427a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17>; rel="canonical"
cdn-requestpullsuccess
True
wp-mediaelement.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"5cfaccce-105a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
56bdc69f799cb02924e673c66f79e16c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3>; rel="canonical"
cdn-requestpullsuccess
True
bootstrap.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/30/2024 14:36:04
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-35dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
cc0ae691ccc641c9ad650bc82b6fd294
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.5.3>; rel="canonical"
cdn-requestpullsuccess
True
daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23195
x-jsd-version
3.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1754
x-served-by
cache-fra-eddf8230085-FRA, cache-lga21928-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1B8nk%2FFab%2BES1d%2BZjJxkiMcC9mPA%2F%2BTqrFYymxo8s5k74tKnexSeS%2BbiGuKltxsBDQhG%2Bwee%2FzYEP7MutXdOqUVeIqXDBRUDoeN3xFv%2BpNqG%2FF0mUnx7sc8mLz9%2BM%2FdZlcI9grsZTuJymS84Uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c1572e2dcb671b-AMS
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/hot-sneaks/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/themes/hot-sneaks/jquery-ui.css?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3831870
x-cache
HIT, HIT
content-length
8576
x-served-by
cache-lga21942-LGA, cache-fra-etou8220082-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717099543.787386,VS0,VE0
etag
W/"28feccc0-8fc4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7875, 3
cookie-law-info-table.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:49 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9d9-17e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bc4cc216385660cbc45e0496ea305732
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.2>; rel="canonical"
cdn-requestpullsuccess
True
scripts.min.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/ 		268 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/scripts.min.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9ccbe8ceae9d2553c597d0a65f19928d14f42368ddd1118d69a968c2c9912161
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-42fa7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
3573aa3a052e61449d1a7fedfc1a0737
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/js/scripts.min.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery.fitvids.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-d15"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
56f6a20c01c4ffc9caa401aeab964330
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
comment-reply.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/comment-reply.min.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"625095f6-ba5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0be412476e682e7db8ae8e43f51ae3ce
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/comment-reply.min.js?ver=6.5.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery.mobile.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-1f18"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6e33d0f8dc8cccb1985005e219b01ade
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-5902"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
4f62f9aba16211d220133531bd4e293a
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
easypiechart.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 18:13:30
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-2466"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0a754af2fd596d07f66ea4d7831eab50
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
salvattore.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-217e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a815fdf957ddffe81077e95c7bfc7fd3
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/ 		699 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9db-2bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d94cb82c6bd66acdf5b5207e114d9a2e
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-8dee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bc7fb3cf0cc28293406dff58c4c2607b
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/ 		733 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-2dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7f1116c02006019fc70250737e1be6b1
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
new-tab.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:57 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9e1-8687"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a55cb036be9c115c43ef3b9fb3d32c12
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
common.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/common.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-53f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ce64305050e872b7a51459ff20d16b0c
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/js/common.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e74280e28094cb4792f2e647de9d0d456f7115efb5ff3538f98ae0b7b4c23780
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-d4d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
84cebbd4aaa1cd6211abd5206bca7db8
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
mediaelement-and-player.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		154 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 14:21:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6335a9d7-26935"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8019cdfb0330b32e4779d2d365231a80
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
mediaelement-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"625095f6-4a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
54797fceb50eac88e49f3e944d2b2fdf
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.5.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
wp-mediaelement.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Feb 2023 16:00:42 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"63e275aa-453"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
3e6d1d894ae61ebca9814822a2069b77
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.5.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
swiper-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/ 		142 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-239c1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a55d85bcbbe40e5a5140e232892e4c86
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Apr 2024 00:54:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6629a9de-a85"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
95de8317a4a1f21fecc58dd6fea1ebe1
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4226171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16837
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62c614dc-41c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3XZwn%2F10wnwXhQJarVeD7hNeyEH%2FAHlBQbCsvrkOaDLk4AOHjSthhVsnwdcQfaginvlTOZdRM7zrr69eXE4SRZQPfWOKoYrkTvyVtxcHYlUJQm5%2FZgnx5tQBmfOGaaGf%2F0ut7K%2FldkpBdnInHXIPfMDD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c1572e68f59f7b-AMS
expires
Tue, 20 May 2025 20:05:42 GMT
daterangepicker.min.js
cdn.jsdelivr.net/npm/daterangepicker/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837f3f510b4be76f36c097ca94f9efe87c0a0581daf5e8b2bf980d9f3788bc37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24398
x-jsd-version
3.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7242
x-served-by
cache-fra-eddf8230147-FRA, cache-lga21954-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"8092-XxjDQopdrufpJf5BZ3ADy4siD68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plGVPSok%2BYSOb7Zy9zpvCu8e6QrPIj9Rwjl8z%2FRn7aTC221iT3DFsE0xIaWKWL7F3miIcqTmWsSlcQ29%2FRdAUYdPGroMxWnCnyoFsFThcHsbRcb9ISlpFFlcZl1yQcATeurFMXbrJic8IRk8C6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c1572e3de7671b-AMS
jquery-ui.js
code.jquery.com/ui/1.13.2/ 		517 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3755295
x-cache
HIT, HIT
content-length
126267
x-served-by
cache-lga21926-LGA, cache-fra-etou8220082-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717099543.787156,VS0,VE0
etag
W/"28feccc0-81307"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
60, 43222
loadFilter.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/ 		44 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/loadFilter.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20113
x-jsd-version
2.7.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6186
x-served-by
cache-fra-etou8220127-FRA, cache-lga21956-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"b08f-hyuFhPhDAFE5gn7UWPXhS1S5p0w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVbL6bc77TaNktl1st4Ng1hWAzTphlkmI9T1eK95Cyvb%2BysvAqdPn2IpQNSX4FFFZ%2BngQencTiL214UIfVDYSn1OHb%2BBpHFTG7ElYgmWTWh8lRb7vvasviSXxfnddE40coAe2pjcvHYsc%2BgyaI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c1572e3deb671b-AMS
loadmore.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/ 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/loadmore.js?ver=6.5.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4135
x-jsd-version
2.7.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4509
x-served-by
cache-fra-etou8220098-FRA, cache-lga21949-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"7b9e-g8xMzqvVKM5J7uC4u0KIn/Wvuw4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keN%2BDXTGilbr9axOVLBrJ8pTnIHc374YFmjQpq8pwnYcqKLLwRjCA2L6xFrS01JDCjxEQuc%2BAUtm0HqB%2F1BFgSqKBi5bDKZ2rqClpsMNkAPOt13XgNBa7Gtumzhif2g4JDtEkJQnxaAk3rOqo1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c1572e3df0671b-AMS
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ef71ea60e9d99a764eae745ada2724a4bc3175114330ee3786d144831e562147
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fb3d24-2092"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
539db69154b873e6a511a8955363ee02
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
motion-effects.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		154 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-26901"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d390718cc5c2686eb20005c252c649f6
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
sticky-elements.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"663035be-34f33"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7512c6bb7b3be72ebb2ecd90049614ec
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8d1aed5da63448904839dc17fba4941f6159cd4f96dc7b399ee576110759553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97559
x-xss-protection
0
last-modified
Thu, 30 May 2024 19:02:59 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 20:05:42 GMT
tag.aspx
ml314.com/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?304
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 19:28:49 GMT
via
1.1 google
content-encoding
br
age
2213
x-guploader-uploadid
ABPtcPr37KwPTlGHAxaAUTdb8W4KdoKy100zhpmePyYTn5DSmgYpiH5T8YHiggOxyT5U0cBBtd3VWP47Qw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10611
last-modified
Tue, 07 May 2024 22:27:04 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1715120823907330
x-goog-hash
crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw==
content-type
application/javascript
cache-id
FRA-1209ea83
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
34184
accept-ranges
bytes
61eaf806342d59001e8ed916
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f3356d61520361186d3866efd594e4fcff24d93270952958d79142bcc8665639
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
88c1572e6aad6723-AMS
et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css
www.horizon3.ai/wp-content/et-cache/260622/ 		199 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8cd9f7a987ec2f62408533ab4ac13ef1e7b1cd9300f4d28b721cbe71e13dc50d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 May 2024 22:41:10 GMT
server
nginx
etag
W/"66565d86-31b96"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
utsync.ashx
ml314.com/ 		62 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81430&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&pv=1717099542834_854k3zkvm&bl=de-de&cb=2950249&return=&ht=&d=&dc=&si=1717099542834_854k3zkvm&cid=6cde07f1-6e0d-4162-bf0a-d382a9285bc8&s=1600x1200&rp=&v=2.7.2.162
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 20:05:42 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
js
www.googletagmanager.com/gtag/ 		322 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
520d86448cb327bda6292fcea5a98b8e1e1800aa90c0f136b66a4a96ebb39ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105371
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 20:05:42 GMT
destination
www.googletagmanager.com/gtag/ 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10792903506&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
940182bae6178cfff051e4c8895800b7c62da5f40f27b1b50fc34c96637dc170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91329
x-xss-protection
0
last-modified
Thu, 30 May 2024 19:02:59 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 20:05:42 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 20:05:43 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 30 May 2024 05:28:14 GMT
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sat, 30 May 2026 20:05:43 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=25145
accept-ranges
bytes
content-length
16683
PLwGhTJP
io.clickguard.com/s/cHJvdGVjdG9y/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
72b9ab3f611cc91dc8a0ab966a8d3cd0e721c17c3d27953514527c2ce5c1bf1e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 20:05:43 GMT
via
1.1 google
Content-Encoding
br
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
etag
W/"1eaf-F7u0sk8v3+kNpRFEnqHD2K70gBI"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPlDIELEf2n3dTpUrrcyzqfeLM7CUnGUN%2FKXbq%2FfzRSJCT3Kpe7THA64%2BGd49e81WZ%2Bvyy6QUDcehwM7KxxgcuvDJrTRhFYTDB7DWXh6tVXGtJ%2BwMVwbvJw4Ms0e7nQtBu%2BbXzcczt%2FvTajPuun8"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
88c1572f7be00a68-AMS
dreamdata.min.js
cdn.dreamdata.cloud/scripts/analytics/v1/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 19:44:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000;includeSubdomains
age
1296
x-guploader-uploadid
ABPtcPqvHrNsH6sHfJwi-jsX8YHCEkHiHcjGu_Wz9lQ9KfWGrZK_vt1On65XtbAT0dB5Gm3O1nSsQ99JZA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39064
referrer-policy
origin
last-modified
Tue, 19 Dec 2023 15:12:09 GMT
server
UploadServer
etag
"5a0c242829201a80f498d4959d83ebfc"
vary
Accept-Encoding
x-goog-generation
1702998729480704
x-goog-hash
crc32c=9JeVgg==, md5=WgwkKCkgGoD0mNSVnYPr/A==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1800
x-goog-stored-content-length
39064
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 30 May 2024 20:14:06 GMT
identify-form.min.js
cdn.dreamdata.cloud/scripts/identify-form/v1/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/scripts/identify-form/v1/identify-form.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
66c5889779331f1942f8bf56933acbab2f3c264c7e77f367795a8cb04506e9ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 19:54:04 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000;includeSubdomains
age
698
x-guploader-uploadid
ABPtcPpbNOJNPV10iQIf8Ny_zR6AFyFw1z68DkcE-kIRNxkd6hjKZdXZP-xpXGQVOd1J50yVOSp7IFTKcg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4325
referrer-policy
origin
last-modified
Fri, 12 Apr 2024 10:25:35 GMT
server
UploadServer
etag
"8a6a5d6c3a6974d0bc37e53710962146"
vary
Accept-Encoding
x-goog-generation
1712917535471168
x-goog-hash
crc32c=5dIwaw==, md5=impdbDppdNC8N+U3EJYhRg==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
4325
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 30 May 2024 20:24:04 GMT
config
pixel-config.reddit.com/pixels/t2_rwb6eefi/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_rwb6eefi/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_rwb6eefi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_rwb6eefi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1717099542942&id=t2_rwb6eefi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a566d003-86b2-4e29-9d2f-f054218b6e34&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
attribution_trigger
px.ads.linkedin.com/ 		2 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
*
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7BD975AADFCB4B0394FCEDF98C097F4E Ref B: DUS30EDGE0310 Ref C: 2024-05-30T20:05:43Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYZsWRPUY7VRFsg1b5Xmg==
x-fs-uuid
000619b1644f518ed5445b20d5be579a
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-dee...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-dee...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3527860%26time%3D1717099542949%26url%3Dhttps%253A%252F%252Fwww.horizon3.ai%252Fat...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-dee...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-de...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&cookiesTest=true&liSync=true&e_ipv6=AQLH1zxPusItYAAAAY_LG7yYa4lZOAbGzhEiBLvsZf1tGCgdvH3NTZoqeJOpUvy6nA0wb-FIlWekO29eN7LmiFbhpfvuSg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C69E23AC59DA4C2587743473DF78EEE4 Ref B: DUS30EDGE0414 Ref C: 2024-05-30T20:05:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYZsWRb5OrsdlAIkBWZ8Q==

Redirect headers

date
Thu, 30 May 2024 20:05:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3107849187BD4706BA18B7850C5CBADC Ref B: FRAEDGE1317 Ref C: 2024-05-30T20:05:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1717099542949&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&cookiesTest=true&liSync=true&e_ipv6=AQLH1zxPusItYAAAAY_LG7yYa4lZOAbGzhEiBLvsZf1tGCgdvH3NTZoqeJOpUvy6nA0wb-FIlWekO29eN7LmiFbhpfvuSg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYZsWRYk0/vVeAFrYTcpA==
p
cdn.dreamdata.cloud/api/v1/ 		16 B
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/api/v1/p
Requested by
Host: cdn.dreamdata.cloud
URL: https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
via
1.1 google
referrer-policy
nosniff
strict-transport-security
max-age=63072000;includeSubdomains
server
Google Frontend
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
d08ec246b3a64849f8312c06b0429c3b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je45m0v889089095z8852319646za200zb852319646&_p=1717099542739&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1969912032.1717099543&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717099543&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&dt=CVE-2024-23108%3A%20Fortinet%20FortiSIEM%202nd%20Order%20Command%20Injection%20Deep-Dive%20%E2%80%93%20Horizon3.ai&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1204
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 20:05:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V462VSRXXS&cid=1969912032.1717099543&gtm=45je45m0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 20:05:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V462VSRXXS&cid=1969912032.1717099543&gtm=45je45m0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2118971014
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 20:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Red-Team-Blog-BG.jpg
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/ 		51 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:59
cdn-pullzone
1682947
content-length
52684
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fd-cdcc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
29b31a062107f044bd1c5372a29d3c1d
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:54:25 GMT
x-content-type-options
nosniff
age
191478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25500
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:54:25 GMT
modules.woff
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css?ver=1716936066
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-divi-dynamic-tb-242536-tb-4381-tb-243092-260622-late.css?ver=1716936066
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
10320
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
nginx
etag
"663035be-2850"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:48:40 GMT
x-content-type-options
nosniff
age
191823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25656
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:17:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:48:40 GMT
fa-solid-900.woff2
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/ 		78 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"663035be-139ac"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2>; rel="canonical"
date
Thu, 30 May 2024 20:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:20:00
content-length
80300
x-xss-protection
"1; mode=block"
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
083136c0e279cca729e9ab58c516423f
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:46:31 GMT
x-content-type-options
nosniff
age
191952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25320
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:46:31 GMT
S6uyw4BMUTPHjxAwXg.woff2
fonts.gstatic.com/s/lato/v24/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXg.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:44:28 GMT
x-content-type-options
nosniff
age
192075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25284
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:44:28 GMT
fa-brands-400.woff2
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"663035be-1327c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2>; rel="canonical"
date
Thu, 30 May 2024 20:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:20:00
content-length
78460
x-xss-protection
"1; mode=block"
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
e243d2bf43b9a968166a8cb2510a8e73
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 15:17:38 GMT
x-content-type-options
nosniff
age
190085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23316
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 15:17:38 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2024-23108%3A%20Fortinet%20FortiSIEM%202nd%20Order%20Command%20Injection%20Deep-Dive%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
/
Resource Hash
615c9dcdcb25f976ff044f434b632e88ebb0031e85d07281751ddddb80f580de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Thu, 30 May 2024 20:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
537
expires
Thu, 19 Nov 1981 08:52:00 GMT
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ 		0
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 30 May 2024 20:05:43 GMT
via
1.1 google
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPPJvqk8QG8eFggbTfGUurZnU209PqLDZdO4DWRqy7t3skAxHTyRitqW7YxJh5H8NW03TUmy1QXrrh1Mv9aDx%2BqIwKJPqOYrJkvuFiB2gm8J0aZcpZiBVNUYjcgzbBmvBvtsH5E1IJUfQdt2nXq9jbjT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
88c1573349a71afa-AMS
Content-Length
0
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
88c1573288ea1afa-AMS
Connection
keep-alive
Content-Length
0
Date
Thu, 30 May 2024 20:05:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3alxCHG6kL%2FiADSneuR%2FWgI8%2BN4ZyJ4%2FVJS7Z9jpN8%2FJZMftp9GUmf5SL362mTmFUaZENk20GK%2F0neuPDA79fAYhP8IJXQIl15NXX3x8Abg9sMsVP%2FStvgj%2F6X23CUS0DKfkG7wL96Okf0aAAHlJO%2BN"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
fonts.gstatic.com/s/rubik/v28/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:56:25 GMT
x-content-type-options
nosniff
age
191358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32848
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:56:25 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/ 		68 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 08:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37076
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 08:06:07 GMT
Email_Logo.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/Email_Logo.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
8488
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fe-2128"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ec7b5f4d6d2c3d5b5e743282018d82c0
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/08/Email_Logo.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
12820
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1900-3214"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
663562c6891334fcf79926429bdca321
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/ 		470 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 16:07:20
cdn-pullzone
1682947
content-length
470
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18f7-1d6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bd8a979d6e57e2dcf2e5df05be6731d3
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
8788
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f085ad-2254"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bb90a4fc138a0f02dd10e370b8e1a2d6
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
entra_compromise_2-980x367.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
15310
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 May 2024 00:33:44 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664bebe8-3bce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d3c44bdad6c863c69bf68275210d2db8
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Wild-Bird-Eagle-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
11066
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Mar 2024 23:01:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65ef8d41-2b3a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d027859876261d4b7224b04a938d0bac
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
24-VSA-CV.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/24-VSA-CV.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
eb26d806205f76aa405e71e7e08897babf02c5ff4d8c8e54284b8fd8f03e9906
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
20780
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 May 2024 15:32:35 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"664b6d13-512c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
50cac10a60dc66961707c77cab78036d
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/24-VSA-CV.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-SA-Badge-24.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/400x250-Award-SA-Badge-24.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b0dba2938a5a6e40fead832afd0ecf705d90368500d81d1a7644b48349eedc89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:58
cdn-pullzone
1682947
content-length
13966
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 May 2024 20:50:45 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"663be5a5-368e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6cccec2fba42604220b974a7d7009d9c
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/400x250-Award-SA-Badge-24.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
modules.woff
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"663035be-167b4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff>; rel="canonical"
date
Thu, 30 May 2024 20:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:20:00
content-length
92084
x-xss-protection
"1; mode=block"
last-modified
Tue, 30 Apr 2024 00:05:18 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
c9bcf28ee3693c66e37643f3b1c1da25
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
analytics
go.horizon3.ai/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.horizon3.ai/analytics?conly=true&visitor_id=120764620&visitor_id_sign=4ebccdfa6610155573dcbc03862665a320492df324893476c0bcdeb8b9c94e6dd1c1e3d5cf8ac38f5e3f1b9570eef9bb4cd05436&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2024-23108:%20Fortinet%20FortiSIEM%202nd%20Order%20Command%20Injection%20Deep-Dive%20%E2%80%93%20Horizon3.ai&url=https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2024-23108%3A%20Fortinet%20FortiSIEM%202nd%20Order%20Command%20Injection%20Deep-Dive%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Thu, 30 May 2024 20:05:44 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
x-pardot-canary
true
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
px.ads.linkedin.com/wa/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:44 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 39E7B6CEA5C44BE8955B4AA385401AD5 Ref B: FRAEDGE1317 Ref C: 2024-05-30T20:05:44Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.horizon3.ai
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYZsWReuVvP+b68cY3gPA==
admin-ajax.php
www.horizon3.ai/wp-admin/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-admin/admin-ajax.php
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
f699c950a3249853c07d8f4e9818afd14ec205e91d7a6fd201f1ab7e393c2674
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
WP Engine
content-length
768
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
Menu-BG-NodeZero-v2.png
www.horizon3.ai/wp-content/uploads/2023/11/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.horizon3.ai/wp-content/uploads/2023/11/Menu-BG-NodeZero-v2.png
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-260622.min.css?ver=1716936070
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f677faa4afd9b8b4424f9021d8e6c09892ace736ca435ceaba00c6b030cc1846
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/260622/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-260622.min.css?ver=1716936070
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:44 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
103768
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Nov 2023 00:52:55 GMT
server
nginx
etag
"655567e7-19558"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
cropped-favicon-32x32.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 20:05:44 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
05/29/2024 13:19:59
cdn-pullzone
1682947
content-length
1932
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:40 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1904-78c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
4ded2d7af4f392dc53038e84eaa2fbc5
accept-ranges
bytes
cdn-requestcountrycode
DE
link
<https://www.horizon3.ai/wp-content/uploads/2021/06/cropped-favicon-32x32.png>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je45m0v889089095za200zb852319646&_p=1717099542739&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1969912032.1717099543&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717099543&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fcve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive%2F&dt=CVE-2024-23108%3A%20Fortinet%20FortiSIEM%202nd%20Order%20Command%20Injection%20Deep-Dive%20%E2%80%93%20Horizon3.ai&en=scroll&epn.percent_scrolled=90&_et=28&tfd=6236
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 20:05:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERENCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| loadmore_ajax_object object| elm object| dataLayer function| sixteenNine object| _ml object| et_animation_data object| tribe_l10n_datatables object| google_tag_manager object| google_tag_data function| rdt string| piAId string| piCId string| piHostname string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| iframeSelector string| gaEventName undefined| iframeListener object| analytics object| __DD_TEMP_ANALYTICS__ object| script function| updateUrlWithUid function| redditNormalizeEmail boolean| _already_called_lintrk function| autoIdentify object| Grnhse object| _grnhse function| getParam function| getExpiryRecord function| addGclid function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| JSON3 function| setImmediate function| clearImmediate string| Integration function| normalize function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| salvattore object| DiviBlogExtrasFrontendData object| addComment object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| wp function| Swiper function| moment function| daterangepicker function| onYouTubeIframeAPIReady object| gaGlobal object| eventFeeddecm_event_display_0_tb_header object| et_pb_motion_elements object| ziws object| et_pb_sticky_elements object| ET_Builder object| ET_FE object| ET_FB object| _0xf102 function| _0x20fb object| CG function| _cg_convert function| cg_convert function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms function| et_pb_slider_init function| et_pb_image_lightbox_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_init function| et_pb_reinit_circle_counters function| et_pb_circle_counter_update function| et_pb_reinit_number_counters function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| ORIBILI string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey

30 Cookies

Domain/Path Name / Value
.horizon3.ai/ Name: _gcl_au
Value: 1.1.1925104818.1717099543
.horizon3.ai/ Name: _rdt_uuid
Value: 1717099542939.a566d003-86b2-4e29-9d2f-f054218b6e34
.horizon3.ai/ Name: ajs_user_id
Value: null
.horizon3.ai/ Name: ajs_group_id
Value: null
.horizon3.ai/ Name: ajs_anonymous_id
Value: %2295ab86fa-bd60-44b8-84f5-e18c0f30c076%22
.ws.zoominfo.com/ Name: visitorId
Value: 4ce6f48d21228ff5ad3c829b88d2a410e06e80f4f02ee48b47f27cf2f72ff6f9
.zoominfo.com/ Name: __cf_bm
Value: E2nl9P165XQwdg4nmUWATxWTboLunAWJxEXl5w5WrIU-1717099543-1.0.1.1-ad6oonCZiNi5IdReOsdAtuVGALlRFkG_jl5OaElj_.ygPQiOBJmx7BuwUua4LVnpF5GvwFRwZoHjSc_OjIXJ0g
.zoominfo.com/ Name: _cfuvid
Value: oZIBOF96aFTfVJ6UJr.RW6iiJznSV20M70ZxW9BFAEA-1717099543019-0.0.1.1-604800000
.horizon3.ai/ Name: _ga
Value: GA1.1.1969912032.1717099543
.horizon3.ai/ Name: _ga_V462VSRXXS
Value: GS1.1.1717099543.1.0.1717099543.60.0.0
.linkedin.com/ Name: li_sugr
Value: a8b09cdd-cfeb-473b-84e6-6200cfdbfe9f
.linkedin.com/ Name: bcookie
Value: "v=2&2d9922c8-60db-4ed4-810c-5744f09a53fd"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3333:u=1:x=1:i=1717099543:t=1717185943:v=2:sig=AQGKMCHxSs72mcPExBk0l6uE3sfFZ30b"
www.horizon3.ai/ Name: cookielawinfo-checkbox-necessary
Value: yes
www.horizon3.ai/ Name: cookielawinfo-checkbox-functional
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-performance
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-analytics
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-advertisement
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-others
Value: no
.linkedin.com/ Name: UserMatchHistory
Value: AQLc3pSLD_jquQAAAY_LG7sjZYW_FYdczNJ0embOBOCitQm59WQw5MWBXvYBcVc5y3eloCMEm48gig
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLoIYy2ww0mmwAAAY_LG7sknsm7u6RcdMAg3neKzP8LAum0rs0YxBVtTEOF0ydNen1KFmswkvEgY8kwDKLDYg
.www.linkedin.com/ Name: bscookie
Value: "v=1&202405302005436f56e153-5208-43ec-85be-bd4e9bf6496cAQHOLZl2_629qMnJmi17jutgRAcYAZFO"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTcwOTk1NDM7MjswMjEACSUy/PwBKcCBHrx8Qf6/deKUBe+r70UULTpl4ahx4Q==
.pardot.com/ Name: visitor_id971073
Value: 120764620
.pardot.com/ Name: visitor_id971073-hash
Value: 4ebccdfa6610155573dcbc03862665a320492df324893476c0bcdeb8b9c94e6dd1c1e3d5cf8ac38f5e3f1b9570eef9bb4cd05436
pi.pardot.com/ Name: lpv971073
Value: aHR0cHM6Ly93d3cuaG9yaXpvbjMuYWkvYXR0YWNrLXJlc2VhcmNoL2N2ZS0yMDI0LTIzMTA4LWZvcnRpbmV0LWZvcnRpc2llbS0ybmQtb3JkZXItY29tbWFuZC1pbmplY3Rpb24tZGVlcC1kaXZlLw%3D%3D
www.horizon3.ai/ Name: visitor_id971073
Value: 120764620
www.horizon3.ai/ Name: visitor_id971073-hash
Value: 4ebccdfa6610155573dcbc03862665a320492df324893476c0bcdeb8b9c94e6dd1c1e3d5cf8ac38f5e3f1b9570eef9bb4cd05436
go.horizon3.ai/ Name: visitor_id971073
Value: 120764620
go.horizon3.ai/ Name: visitor_id971073-hash
Value: 4ebccdfa6610155573dcbc03862665a320492df324893476c0bcdeb8b9c94e6dd1c1e3d5cf8ac38f5e3f1b9570eef9bb4cd05436

54 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/(Line 4366)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/(Line 4366)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/(Line 4366)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
boards.greenhouse.io
cdn.dreamdata.cloud
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
go.horizon3.ai
io.clickguard.com
ml314.com
p7i3u3x3.rocketcdn.me
pi.pardot.com
pixel-config.reddit.com
pulse.clickguard.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
ws.zoominfo.com
www.google.de
www.googletagmanager.com
www.horizon3.ai
www.linkedin.com
www.redditstatic.com
104.197.16.226
13.107.42.14
151.101.1.140
151.101.193.140
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2606:4700:20::681a:d98
2606:4700:20::ac43:44c4
2606:4700::6810:762b
2606:4700::6811:190e
2606:4700::6812:ba1f
2620:1ec:21::14
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:400c:c06::9c
2a02:26f0:3500:16::215:149b
2a04:4e42:400::649
2a04:4e42:600::396
3.215.172.219
34.117.77.79
34.120.220.80
52.54.96.194
54.174.246.212
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
193cde4c958b95fe277c44a7c8d59f58b9d9069f6cdd0e30c72e6cf2dff29cce
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
3a90b9f96a76c6d7ee4e890525f1bcfc1885627aa8e8d75f795186875171582c
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
42533cfc647d950631655f901e1cdebdeab3737487d6c3d848b2440ad12b1465
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
488beee138113684a258f1a98e1a3567f3dec58b9417dbd0d610e3c6f329f656
520d86448cb327bda6292fcea5a98b8e1e1800aa90c0f136b66a4a96ebb39ed7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
56225395e4b09aad955dcebc4d496e651880814e0a036a593bd667194b78a64c
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79
615c9dcdcb25f976ff044f434b632e88ebb0031e85d07281751ddddb80f580de
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
66c5889779331f1942f8bf56933acbab2f3c264c7e77f367795a8cb04506e9ff
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
72b9ab3f611cc91dc8a0ab966a8d3cd0e721c17c3d27953514527c2ce5c1bf1e
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
751a73d9a95700a13e0592a06cfa3680c9a50f8105bcc1332b4ed0b92dc78ca2
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
837f3f510b4be76f36c097ca94f9efe87c0a0581daf5e8b2bf980d9f3788bc37
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8cd9f7a987ec2f62408533ab4ac13ef1e7b1cd9300f4d28b721cbe71e13dc50d
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
940182bae6178cfff051e4c8895800b7c62da5f40f27b1b50fc34c96637dc170
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
9531dd9e8a1aec3b9d6de4f21d39bacde94d61adb18b9bf5df62e500d2dc5379
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99c8e52f4537382952c1c4bc6cfc666491f6ab0b16f5e72f48b4e432204e2b8c
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
9c2c18aa2a9a6b68a008445912b9e1c619c971ef03702798bce62150e3f95f0c
9ccbe8ceae9d2553c597d0a65f19928d14f42368ddd1118d69a968c2c9912161
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
a61cce9d5adf6f563f4c6bfae313901e64290e136f363e1853f6a0d96f052732
a8d1aed5da63448904839dc17fba4941f6159cd4f96dc7b399ee576110759553
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
b0dba2938a5a6e40fead832afd0ecf705d90368500d81d1a7644b48349eedc89
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6b4344f9f7607f872805d649e08b60c471d9a7ebba897f9f08bc07b16310fe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce152df754b25a3fcd668688155c288f268481561aa6e31bd8542544be1ef9aa
d0606dcbe3bc47a9ff10d8bc52b0042c2040bed75c8382bcb534230aea248d3b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10
e74280e28094cb4792f2e647de9d0d456f7115efb5ff3538f98ae0b7b4c23780
eb26d806205f76aa405e71e7e08897babf02c5ff4d8c8e54284b8fd8f03e9906
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71ea60e9d99a764eae745ada2724a4bc3175114330ee3786d144831e562147
f3356d61520361186d3866efd594e4fcff24d93270952958d79142bcc8665639
f677faa4afd9b8b4424f9021d8e6c09892ace736ca435ceaba00c6b030cc1846
f699c950a3249853c07d8f4e9818afd14ec205e91d7a6fd201f1ab7e393c2674
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
ff4e0b124a2548dda364996cb7b7ef5b7cb657f0906309bc9a501cb0b46ff666