www.fortinet.com
Open in
urlscan Pro
2600:1f16:160:aa02:4c34:efb7:29af:4543
Public Scan
URL:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Submission: On July 24 via api from DE — Scanned from CA
Submission: On July 24 via api from DE — Scanned from CA
Summary
This website contacted 27 IPs
in 1 countries
across 34 domains to perform 129 HTTP transactions.
The main IP is 2600:1f16:160:aa02:4c34:efb7:29af:4543, located in
Columbus, United States and
belongs to AMAZON-02, US.
The main domain is www.fortinet.com.
The Cisco Umbrella rank of the primary domain is 221752.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
33
2600:1f16:160:aa02:4c34:efb7:29af:4543
(Columbus, United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| www.fortinet.com |
2
34.196.24.158
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-24-158.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-24-158.compute-1.amazonaws.com
| dpm.demdex.net |
1
52.73.147.18
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-147-18.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-147-18.compute-1.amazonaws.com
| fortinet.demdex.net |
1
52.33.109.89
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-109-89.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-109-89.us-west-2.compute.amazonaws.com
| cm.everesttech.net |
1
63.140.39.22
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-22.data.adobedc.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-22.data.adobedc.net
| fortinet.tt.omtrdc.net |
6
23.212.248.22
(Ashburn, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-22.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-22.deploy.static.akamaitechnologies.com
| j.6sc.co | |
| c.6sc.co | |
| b.6sc.co |
3
23.210.1.94
(Ashburn, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-1-94.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-1-94.deploy.static.akamaitechnologies.com
| amplify.outbrain.com | |
| wave.outbrain.com |
2
2400:52e0:1a00::1206:2
(Chicago, United States)
ASN200325 (BUNNYCDN, SI)
ASN200325 (BUNNYCDN, SI)
| a.opmnstr.com | |
| a.omappapi.com |
2
13.248.142.121
(United States)
ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com
| epsilon.6sense.com |
1
52.32.164.86
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-164-86.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-164-86.us-west-2.compute.amazonaws.com
| abm-tracking.demandscience.com |
1
52.7.151.245
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com
| dx.mountain.com |
| Domain | Requested by | |
|---|---|---|
| 33 | www.fortinet.com |
www.fortinet.com
|
| 22 | assets.adobedtm.com |
cdn.cookielaw.org
assets.adobedtm.com |
| 6 | www.googletagmanager.com |
assets.adobedtm.com
www.googletagmanager.com |
| 6 | cdn.cookielaw.org |
www.fortinet.com
cdn.cookielaw.org |
| 4 | b.6sc.co | |
| 2 | connect.facebook.net |
www.fortinet.com
connect.facebook.net |
| 2 | 10104846.fls.doubleclick.net |
1 redirects
assets.adobedtm.com
|
| 2 | epsilon.6sense.com |
j.6sc.co
|
| 2 | tr.outbrain.com |
amplify.outbrain.com
|
| 2 | bat.bing.com |
assets.adobedtm.com
bat.bing.com |
| 2 | amplify.outbrain.com |
www.fortinet.com
amplify.outbrain.com |
| 2 | script.crazyegg.com |
www.fortinet.com
script.crazyegg.com |
| 2 | dpm.demdex.net |
www.fortinet.com
|
| 1 | siteimproveanalytics.com |
assets.adobedtm.com
|
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | dx.mountain.com |
www.fortinet.com
|
| 1 | pixel.mathtag.com |
www.fortinet.com
|
| 1 | tmp.argusplatform.com |
www.fortinet.com
|
| 1 | abm-tracking.demandscience.com |
www.fortinet.com
|
| 1 | trk.techtarget.com |
www.fortinet.com
|
| 1 | api.omappapi.com |
a.opmnstr.com
|
| 1 | a.omappapi.com |
a.opmnstr.com
|
| 1 | wave.outbrain.com |
amplify.outbrain.com
|
| 1 | ipv6.6sc.co |
j.6sc.co
|
| 1 | c.6sc.co |
j.6sc.co
|
| 1 | a.opmnstr.com |
assets.adobedtm.com
|
| 1 | j.6sc.co |
www.fortinet.com
|
| 1 | fortinet.tt.omtrdc.net |
www.fortinet.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | fortinet.demdex.net |
www.fortinet.com
|
| 1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
| 0 | www.facebook.com Failed | |
| 0 | 6033413.global.siteimproveanalytics.io Failed | |
| 0 | ml314.com Failed |
www.fortinet.com
|
| 0 | snap.licdn.com Failed |
www.fortinet.com
|
| 0 | webtracker.argusplatform.com Failed |
tmp.argusplatform.com
|
| 0 | pixels.argusplatform.com Failed |
tmp.argusplatform.com
|
| 0 | 18.210.229.244 Failed |
dx.mountain.com
|
| 0 | intentstream.contanuity.com Failed |
abm-tracking.demandscience.com
|
| 0 | cdn.jsdelivr.net Failed |
abm-tracking.demandscience.com
|
| 0 | ibc-flow.techtarget.com Failed |
trk.techtarget.com
|
| 0 | ad.doubleclick.net Failed | |
| 0 | googleads.g.doubleclick.net Failed |
www.googletagmanager.com
|
| 0 | tags.inzynk.io Failed |
assets.adobedtm.com
|
| 0 | metrics.fortinet.com Failed | |
| 0 | ib.adnxs.com Failed | |
| 0 | secure.adnxs.com Failed | |
| 0 | static.ads-twitter.com Failed |
www.fortinet.com
|
| 129 | 48 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.linkedin.com |
| www.twitter.com |
| www.youtube.com |
| www.instagram.com |
| www.facebook.com |
| fortiguard.com |
| community.fortinet.com |
| investor.fortinet.com |
| onetrust.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.fortinet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-16 - 2025-07-15 |
a year | crt.sh |
| cookielaw.org Cloudflare Inc ECC CA-3 |
2024-03-01 - 2024-12-31 |
10 months | crt.sh |
| onetrust.com Cloudflare Inc ECC CA-3 |
2023-11-13 - 2024-11-12 |
a year | crt.sh |
| assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-09 - 2025-08-09 |
a year | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-22 - 2024-09-21 |
a year | crt.sh |
| 6sc.co R11 |
2024-07-03 - 2024-10-01 |
3 months | crt.sh |
| script.crazyegg.com E1 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
| *.outbrain.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-14 - 2024-12-14 |
a year | crt.sh |
| a.opmnstr.com R11 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
| www.bing.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-06-19 - 2024-12-16 |
6 months | crt.sh |
| *.google-analytics.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
| *.6sense.com Amazon RSA 2048 M03 |
2024-04-23 - 2025-05-22 |
a year | crt.sh |
| a.omappapi.com R11 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
| omappapi.com WE1 |
2024-06-16 - 2024-09-14 |
3 months | crt.sh |
| trk.techtarget.com WE1 |
2024-07-23 - 2024-10-21 |
3 months | crt.sh |
| abm-tracking.demandscience.com R11 |
2024-06-14 - 2024-09-12 |
3 months | crt.sh |
| tmp.argusplatform.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-04-23 - 2024-10-23 |
6 months | crt.sh |
| *.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-04-23 - 2025-04-30 |
a year | crt.sh |
| *.mountain.com Go Daddy Secure Certificate Authority - G2 |
2024-05-23 - 2025-06-24 |
a year | crt.sh |
| *.doubleclick.net WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-02 - 2024-07-31 |
3 months | crt.sh |
| siteimproveanalytics.com WE1 |
2024-06-21 - 2024-09-19 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Frame ID: BF0FA2792F589455FCF307682C3968EF
Requests: 127 HTTP requests in this frame
Frame:
https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: 1D65608C100856055B829E36D90A0E02
Requests: 1 HTTP requests in this frame
Frame:
https://10104846.fls.doubleclick.net/activityi;dc_pre=CJaK6qjJv4cDFWca-QAdh1IHOw;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9310756004056.584
Frame ID: 46C83F24A9B7625793DD247F36B9E9A9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard LabsDetected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /etc/designs/
- /etc\.clientlibs/
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
TrackJs
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- tracker\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://www.linkedin.com/company/fortinet
Search URL Search Domain Scan URL
URL: https://www.twitter.com/fortinet
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UCJHo4AuVomwMRzgkA5DQEOA?sub_confirmation=1
Search URL Search Domain Scan URL
URL: https://www.instagram.com/fortinet/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/fortinet
Search URL Search Domain Scan URL
URL: https://fortiguard.com/
Title: FortiGuard Labs
Title: FortiGuard Labs
Search URL Search Domain Scan URL
URL: https://community.fortinet.com/
Title: Fortinet Community
Title: Fortinet Community
Search URL Search Domain Scan URL
URL: https://investor.fortinet.com/
Title: Investor Relations
Title: Investor Relations
Search URL Search Domain Scan URL
URL: https://onetrust.com/poweredbyonetrust
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- https://cm.everesttech.net/cm/dd?d_uuid=08045493676409028892757028854392367219 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqDlbwAAAHwA1QM0
- https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9310756004056.584 HTTP 302
- https://10104846.fls.doubleclick.net/activityi;dc_pre=CJaK6qjJv4cDFWca-QAdh1IHOw;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9310756004056.584
129 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
exploiting-cve-2024-21412-stealer-campaign-unleashed
www.fortinet.com/blog/threat-research/ |
70 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
visitorapi.min.js
www.fortinet.com/etc/designs/fortinet/adb-target/ |
64 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
at.js
www.fortinet.com/etc/designs/fortinet/adb-target/ |
104 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-base.min.900b148ab7b87024003111a1245cca9c.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ |
540 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ |
32 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
toc-icon.jpg
www.fortinet.com/content/dam/fortinet/images/ |
1 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ |
160 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f85f39fc-d7aa-467a-b762-fbb722748016.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/ |
5 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
71 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cve-2024-21412-hero.png
www.fortinet.com/content/dam/fortinet-blog/article-heros/ |
429 KB 431 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
www.fortinet.com/etc/designs/fortinet/gfonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-1.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image.img.png/1721335821214/ |
85 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy.img.png/1721340599411/ |
62 KB 63 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-3.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy.img.png/1721338963877/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-3-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_110863164.img.png/1721338977125/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-4.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy.img.png/1721339893610/ |
255 KB 256 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-5.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_967242649.img.png/1721339920989/ |
736 KB 737 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-6.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1215818884.img.png/1721340297519/ |
226 KB 227 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-6-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_386732739.img.png/1721340317097/ |
251 KB 252 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-7.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1175059951.img.png/1721340377992/ |
485 KB 486 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-8.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1558477246.img.png/1721340431350/ |
36 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-8-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_447561515.img.png/1721340453929/ |
31 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-9.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_299690718.img.png/1721340797851/ |
548 KB 549 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-10.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_486093180.img.png/1721341353108/ |
536 KB 537 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-11.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1792784929.img.png/1721341661455/ |
495 KB 497 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-12.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_125801863.img.png/1721341839402/ |
54 KB 55 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-13.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1354616904.img.png/1721341858282/ |
508 KB 509 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-14.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_210389830.img.png/1721341914790/ |
287 KB 288 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-15.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1279974212.img.png/1721341938787/ |
102 KB 103 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-16.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_398882795.img.png/1721341971772/ |
270 KB 271 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-17.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1313884336.img.png/1721342021064/ |
192 KB 193 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stealer-18.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_991419676.img.png/1721342039151/ |
230 KB 231 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
67 B 305 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/ |
356 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/29891b98-4435-469c-84ae-791eaa28c9e1/ |
99 KB 24 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
www.fortinet.com/etc/designs/fortinet-blog/ |
318 B 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ |
13 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ |
45 KB 12 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
817 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
assets.adobedtm.com/ |
500 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
dpm.demdex.net/ |
367 B 912 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
fortinet.demdex.net/ Frame 1D65 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=ZqDlbwAAAHwA1QM0
dpm.demdex.net/ Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
fortinet.tt.omtrdc.net/rest/v1/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ |
35 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6si.min.js
j.6sc.co/ |
68 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0786.js
script.crazyegg.com/pages/scripts/0117/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
28 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.min.js
a.opmnstr.com/app/js/ |
51 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCac955f2e1e97429197e1e31aaec22e86-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
1 KB 942 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC41e16e9b16d1408cbf43b5b2e7378738-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
9 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
358 B 485 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCa4add8b607f6404fbd2aba7ee4b9abad-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
703 B 684 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
354 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC06cd6a06a307489f80febc787462cb12-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
635 B 642 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC190d282f2b9c4848b2ea08ca5751fa40-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
2 KB 1013 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC7be3d22b2fd6487ca9390477738587fe-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
819 B 758 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
819 B 756 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC1d92f04752ae42a38e54de48cb85adf4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
661 B 649 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCf940460311f349b5af69d075bdef61d4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
368 B 493 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
754 B 705 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCbbd24be21a0f4115a18f29bb3fee2a7a-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
2 KB 971 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
1021 B 857 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
819 B 758 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC4daaa3cd330f4ee2934602a98dab7c5f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
388 B 499 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC17482cd8da9b4802a76d2f1e017d90ab-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
1 KB 779 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC5c60a51709a94068afbf065e1448b617-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
664 B 657 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
2 KB 981 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ |
966 B 809 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flyin-fortiguard-labs-outbreak-alerts-346x172.png
www.fortinet.com/content/dam/fortinet/images/promos/pzn/ |
35 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
c.6sc.co/ |
7 B 194 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ipv6.6sc.co/ |
23 B 318 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www.fortinet.com.json
script.crazyegg.com/pages/data-scripts/0117/0786/site/ |
1 KB 747 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
unifiedPixel
tr.outbrain.com/ |
53 B 321 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cachedClickId
tr.outbrain.com/ |
35 B 293 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
00ad3119690e692fd6990245f9741ea8f1
wave.outbrain.com/mtWavesBundler/handler/ |
2 B 516 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
topics
amplify.outbrain.com/ |
26 B 301 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
details
epsilon.6sense.com/v3/company/ |
735 B 712 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
details
epsilon.6sense.com/v3/company/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
17532650.js
bat.bing.com/p/action/ |
335 B 412 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.min.css
a.omappapi.com/app/js/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
39852
api.omappapi.com/v2/embed/ |
165 B 594 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracking.js
trk.techtarget.com/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tag.js
abm-tracking.demandscience.com/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wid.tracker.js
tmp.argusplatform.com/js/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
pixel.mathtag.com/event/ |
161 B 711 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spx
dx.mountain.com/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer-links.json
www.fortinet.com/content/dam/fortinet-blog/ |
310 KB 36 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
245 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
210 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
226 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
237 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
312 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
uwt.js
static.ads-twitter.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
px
secure.adnxs.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
seg
ib.adnxs.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
s77226850091847
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.26.0-LDQM/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
iztag.js
tags.inzynk.io/0ulh3gex/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
0
bat.bing.com/action/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
activity;src=10050195;npa=0;auiddc=1671070985.1721820529;ps=1;pcor=107418002;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1;...
ad.doubleclick.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
activity;register_conversion=1;src=10050195;npa=0;auiddc=1671070985.1721820529;ps=1;pcor=107418002;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123...
ad.doubleclick.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS |
gif.gif
ibc-flow.techtarget.com/a/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
gif.gif
ibc-flow.techtarget.com/a/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
site-visitors
intentstream.contanuity.com/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS |
site-visitors
intentstream.contanuity.com/api/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
img.gif
b.6sc.co/v1/beacon/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
is
18.210.229.244/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
pixels.argusplatform.com/wh/track/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9310756004056.584
10104846.fls.doubleclick.net/activityi;dc_pre=CJaK6qjJv4cDFWca-QAdh1IHOw;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ Frame 46C8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
224 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
siteanalyze_6033413.js
siteimproveanalytics.com/js/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
webtracker.argusplatform.com/wh/track/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
tag.aspx
ml314.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
image.aspx
6033413.global.siteimproveanalytics.io/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
177020962864941
connect.facebook.net/signals/config/ |
60 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.facebook.com/tr/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
img.gif
b.6sc.co/v1/beacon/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.ads-twitter.com
- URL
- https://static.ads-twitter.com/uwt.js
- Domain
- secure.adnxs.com
- URL
- https://secure.adnxs.com/px?id=1773420&t=2
- Domain
- ib.adnxs.com
- URL
- https://ib.adnxs.com/seg?add=36113683
- Domain
- metrics.fortinet.com
- URL
- https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.26.0-LDQM/s77226850091847?AQB=1&ndh=1&pf=1&t=24%2F6%2F2024%204%3A28%3A49%203%20420&sdid=14867BC4613C608D-7F1132942E0561C5&mid=08411786031075444172793583318773074427&aamlh=7&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aexploiting-cve-2024-21412-stealer-campaign-unleashed&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&cc=USD&events=event3&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&v3=%2B1&c7=Entire%20Site&c8=New&v25=08411786031075444172793583318773074427&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aexploiting-cve-2024-21412-stealer-campaign-unleashed&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&AQE=1
- Domain
- tags.inzynk.io
- URL
- https://tags.inzynk.io/0ulh3gex/iztag.js
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/action/0?ti=17532650&tm=al001&Ver=2&mid=acafe57a-100d-4c49-b6f0-d3db5187cfe6&sid=e5b472f049af11efa88d01194b9483b4&vid=e5b4781049af11ef8ec90dd124409760&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&p=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&r=<=2433&pt=1721820524100,,,,,0,9,9,9,454,43,454,592,657,603,1389,1389,1396,2433,2433,2433&pn=0,0&evt=pageLoad&sv=1&cdb=AQED&rn=826445
- Domain
- googleads.g.doubleclick.net
- URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/?random=1721820529770&cv=11&fst=1721820529770&bg=ffffff&guid=ON&async=1>m=45be47h0v887005625za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1671070985.1721820529&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4
- Domain
- ad.doubleclick.net
- URL
- https://ad.doubleclick.net/activity;src=10050195;npa=0;auiddc=1671070985.1721820529;ps=1;pcor=107418002;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed?
- Domain
- ad.doubleclick.net
- URL
- https://ad.doubleclick.net/activity;register_conversion=1;src=10050195;npa=0;auiddc=1671070985.1721820529;ps=1;pcor=107418002;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed?
- Domain
- ibc-flow.techtarget.com
- URL
- https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1247773&r=1721820529861&ref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&version=2.4
- Domain
- ibc-flow.techtarget.com
- URL
- https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1247773&r=1721820529861&ref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&version=2.4
- Domain
- googleads.g.doubleclick.net
- URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/?random=1721820529946&cv=11&fst=1721820529946&bg=ffffff&guid=ON&async=1>m=45be47h0za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1671070985.1721820529&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
- Domain
- intentstream.contanuity.com
- URL
- https://intentstream.contanuity.com/api/site-visitors?pageIdentifier=fortinet_2712
- Domain
- intentstream.contanuity.com
- URL
- https://intentstream.contanuity.com/api/site-visitors?pageIdentifier=fortinet_2712
- Domain
- googleads.g.doubleclick.net
- URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/?random=1721820530006&cv=11&fst=1721820530006&bg=ffffff&guid=ON&async=1>m=45be47h0za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1671070985.1721820529&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4
- Domain
- b.6sc.co
- URL
- https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=55a6a0fb-7d15-450c-81ca-b50db808c3fa&session=8bd3b1e9-28a5-42d6-8d2d-ced995f1f19c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A28%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A28%3A49%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222011%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=1e0fb5b7-3e56-4c3f-82fd-e2926a0faff7&ipv6=2001%3A4958%3A1420%3A151%3A%3A109&v=1.1.22
- Domain
- 18.210.229.244
- URL
- https://18.210.229.244/is
- Domain
- pixels.argusplatform.com
- URL
- https://pixels.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1721820530052483850&event_type=page_request×tamp=1721820530&page_title=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&page_url_referer=
- Domain
- webtracker.argusplatform.com
- URL
- https://webtracker.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1721820530052483850&event_type=page_request×tamp=1721820531&page_title=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&page_url_referer=
- Domain
- snap.licdn.com
- URL
- https://snap.licdn.com/li.lms-analytics/insight.min.js
- Domain
- ml314.com
- URL
- https://ml314.com/tag.aspx?246
- Domain
- 6033413.global.siteimproveanalytics.io
- URL
- https://6033413.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&title=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&res=1600x1200&accountid=6033413&rt=6827&prev=7374c97e-3fc4-086e-4ac4-c7b4aa142a39&luid=293589fe-38fa-f72d-f7eb-98f4f5134521&rnd=36558
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/tr/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&rl=&if=false&ts=1721820531108&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721820531105.57232189869045875&ler=empty&cdl=API_unavailable&it=1721820530971&coo=false&rqm=GET
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&rl=&if=false&ts=1721820531108&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721820531105.57232189869045875&ler=empty&cdl=API_unavailable&it=1721820530971&coo=false&rqm=FGET
- Domain
- b.6sc.co
- URL
- https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=55a6a0fb-7d15-450c-81ca-b50db808c3fa&session=8bd3b1e9-28a5-42d6-8d2d-ced995f1f19c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A28%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A28%3A50%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223015%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=1e0fb5b7-3e56-4c3f-82fd-e2926a0faff7&ipv6=2001%3A4958%3A1420%3A151%3A%3A109&v=1.1.22
Verdicts & Comments Add Verdict or Comment
131 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| OptanonWrapper object| fortinet_blog object| EasyAutocomplete object| search_config boolean| blogFilter string| documentsQuery function| htmlEncode function| hideAutoComplete function| sitesearch_init function| sitesearch_search_callback function| sitesearch_countall_callback function| sitesearch_do_search function| sitesearch_do_force_search function| sitesearch_spellcheck_callback function| sitesearch_do_spellcheck function| sitesearch_do_suggest_search function| sitesearch_query_searchresult_callback function| sitesearch_do_query_searchresult function| sitesearch_click_page_callback function| sitesearch_click_page function| search_action function| sitesearch_search_fortiguard function| count_facets_type function| shuffle_facets function| setImmediate function| clearImmediate function| $ function| jQuery string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| _satellite boolean| __satelliteLoaded number| timer_e object| _6si function| obApi object| uetq function| gtag function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap object| t object| td boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| apiObj boolean| _storagePopulated function| UET function| UET_init function| UET_push object| ueto_1b71cedffa object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om45602_39852 object| _omq function| omq object| techtargetic function| appendScriptTag string| currentWebsiteUrl string| link object| TAG_INFO string| wid_baseUrl object| wid_cmds object| cookieScriptWindow object| cookieScripts string| cookieScriptDomain boolean| cookieScriptShowBadge string| cookieScriptCurrentUrl string| pagePath string| ftntCampaign function| updateCampaignCookie function| ftntInjectCookieScript function| ftntCookieScriptCreateCookie function| ftntCookieScriptReadCookie string| CE_USER_COMMON_SCRIPT_URL object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| twq object| s_i_fortinetincproduction object| GooglebQhCsO string| dcm_cid string| WID_VISITOR_ID string| WID_EVENT_TYPES string| WID_PAGE_TITLE string| WID_PAGE_URL number| WID_INTERVAL number| WID_IDLE_INTERVAL function| addListenerMulti function| wid_initAgain function| wid_handleAnchorClick function| wid_bundleParams function| wid_handleApiRequest function| wid_fallBackApiRequest function| wid_handleButtonClick function| wid_findParentByTagName function| wid_getCurrentUnixTimestamp function| wid_getCookie function| wid_setCookie function| wid_deleteCookie function| wid_generateRandomGuid function| wid_zeroFill function| wid_str_pad function| wid_rand string| axel number| a function| fbq function| _fbq26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.fortinet.com/ | Name: cookiesession1 Value: 678A3E2C861C9F3B559B68DC1E9285E5 |
|
| .fortinet.com/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Jul+24+2024+04%3A28%3A46+GMT-0700+(Pacific+Daylight+Time)&version=6.10.0&hosts=&consentId=fb9c9947-02af-42b6-855d-e52320342c95&interactionCount=0&landingPath=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1 |
|
| .fortinet.com/ | Name: at_check Value: true |
|
| .demdex.net/ | Name: demdex Value: 08045493676409028892757028854392367219 |
|
| .fortinet.com/ | Name: AMCVS_ED8739F75677FE917F000101%40AdobeOrg Value: 1 |
|
| .fortinet.com/ | Name: mbox Value: session#8c1519c99bf04fe88eda00c690aa92cc#1721822388|PC#8c1519c99bf04fe88eda00c690aa92cc.34_0#1785065328 |
|
| .fortinet.com/ | Name: mboxEdgeCluster Value: 34 |
|
| .dpm.demdex.net/ | Name: dpm Value: 08045493676409028892757028854392367219 |
|
| www.fortinet.com/ | Name: _gd_visitor Value: 55a6a0fb-7d15-450c-81ca-b50db808c3fa |
|
| www.fortinet.com/ | Name: _gd_session Value: 8bd3b1e9-28a5-42d6-8d2d-ced995f1f19c |
|
| .fortinet.com/ | Name: AMCV_ED8739F75677FE917F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19929%7CMCMID%7C08411786031075444172793583318773074427%7CMCAAMLH-1722425327%7C7%7CMCAAMB-1722425327%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1721827727s%7CNONE%7CMCSYNCSOP%7C411-19936%7CvVersion%7C5.5.0 |
|
| www.fortinet.com/ | Name: _omappvp Value: 9gYu3xl24rZ6z5W6lazhAnt1bsnxJoEF07lqK2LjkhclvHtczCBjWKrSTystnkVnv5pDIFNDtfIUNNArMhlD6oMxi9h0OugQ |
|
| www.fortinet.com/ | Name: _omappvs Value: 1721820528425 |
|
| .fortinet.com/ | Name: _gcl_au Value: 1.1.1671070985.1721820529 |
|
| .fortinet.com/ | Name: gpv_pn Value: www.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed |
|
| .fortinet.com/ | Name: s_getNewRepeat Value: 1721820529189-New |
|
| .fortinet.com/ | Name: s_cc Value: true |
|
| .fortinet.com/ | Name: _uetsid Value: e5b472f049af11efa88d01194b9483b4 |
|
| .fortinet.com/ | Name: _uetvid Value: e5b4781049af11ef8ec90dd124409760 |
|
| www.fortinet.com/ | Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1721820529455%7D |
|
| www.fortinet.com/ | Name: AWSALB Value: c2Avqr5yHbCEC8wt/EFPBFwOvrRgZ3jNRoavwDFSFPFxsj60Omz+VlJAyc+oY1FPfmTu0flhl0FpcOnn6xHQFdP9wwua8R/HRNcOr0LvS27cPm1GBPT92/PtT1F3RmGpaPQxTBa59BC3TLwm1KqL9X1WVr9Hl+qhkdlliU8epQy8d1U0vHWAjwo79QQNkJEPUfJc6ENIYR0FBsLCgET1WzfMmASnNgDI |
|
| www.fortinet.com/ | Name: AWSALBCORS Value: sQMdJpeWq6d9pBKB+McYdOdWs8NMy4tcpf+7kzBOdhfwzCicTjI834ZCiCHWi8Ha1HORnAPOwz+Oo0TkxdzpkkZ7VItSzIhnRT2u/cj4OeVpRai60Gn9Sg+1BdAD29JxoAA0E3bFDRmF1oq1Z83RLbH8kkez/FW3cmD63I6dMZgaZ8Qld0eqS4N6vD6Ls/7IRwZvv1ntmv0ADHmw+MEz4dZHGMsH3Igs |
|
| .techtarget.com/ | Name: __cf_bm Value: 7AvuJPKyTnzoOkr3wK5u6goBemdjPbmscyyIpw3fR08-1721820529-1.0.1.1-Y2eZGcPzeSfMUeWc9Cby2kn.MW9I36Cw5YrXu2x5znSAmmeTHz26CXroitRSdok8_875itNlxmua.73mXCUnPw |
|
| .fortinet.com/ | Name: _ga_JH142QCQCJ Value: GS1.1.1721820530.1.0.1721820530.0.0.0 |
|
| .fortinet.com/ | Name: _ga Value: GA1.1.236412322.1721820530 |
|
| .www.fortinet.com/ | Name: WID_VISITOR_ID Value: 1721820530052483850 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | frame-ancestors 'self' https://www.fortinet.com |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10104846.fls.doubleclick.net
18.210.229.244
6033413.global.siteimproveanalytics.io
a.omappapi.com
a.opmnstr.com
abm-tracking.demandscience.com
ad.doubleclick.net
amplify.outbrain.com
api.omappapi.com
assets.adobedtm.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.cookielaw.org
cdn.jsdelivr.net
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
dx.mountain.com
epsilon.6sense.com
fortinet.demdex.net
fortinet.tt.omtrdc.net
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
ibc-flow.techtarget.com
intentstream.contanuity.com
ipv6.6sc.co
j.6sc.co
metrics.fortinet.com
ml314.com
pixel.mathtag.com
pixels.argusplatform.com
script.crazyegg.com
secure.adnxs.com
siteimproveanalytics.com
snap.licdn.com
static.ads-twitter.com
tags.inzynk.io
tmp.argusplatform.com
tr.outbrain.com
trk.techtarget.com
wave.outbrain.com
webtracker.argusplatform.com
www.facebook.com
www.fortinet.com
www.google-analytics.com
www.googletagmanager.com
18.210.229.244
6033413.global.siteimproveanalytics.io
ad.doubleclick.net
b.6sc.co
bat.bing.com
cdn.jsdelivr.net
googleads.g.doubleclick.net
ib.adnxs.com
ibc-flow.techtarget.com
intentstream.contanuity.com
metrics.fortinet.com
ml314.com
pixels.argusplatform.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
tags.inzynk.io
webtracker.argusplatform.com
www.facebook.com
13.248.142.121
142.251.179.148
2001:4860:4802:36::178
216.200.232.249
23.210.1.94
23.212.248.22
2400:52e0:1a00::1206:2
2600:1408:ac00:19e::1e80
2600:1408:c400:18::17d4:f989
2600:1f16:160:aa02:4c34:efb7:29af:4543
2606:4700:3030::ac43:a3ed
2606:4700:3108::ac42:2908
2606:4700:4400::ac40:973c
2606:4700:4400::ac40:9b77
2606:4700::6813:9308
2606:4700::6813:b134
2607:f8b0:4004:c09::61
2620:1ec:bdf::38
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
34.196.24.158
52.32.164.86
52.33.109.89
52.7.151.245
52.73.147.18
63.140.39.22
70.42.32.255
05b1d251b44fdd42bd27a73eb373440c9957297292c3f13a677eb908648486ee
09edcbeb6bb1f2361271a99cb3369ee93e55c21a4985d8f5cfed37af10d6729d
0b2969b20d4b33763f23481f2dc0f0626a93fdd567798412bf891890047398a3
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0e5f18649f61dd74f9caf157048d64c16ceb0fd2e8b54ed9e3c6ff1ebf22bd24
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
11479510b8e81f2fc7c283c1da93226cc0d05d317209769c9c1fa00f1e630bdc
114ed516604e98cd030c85d1be345541019326d2f32bb784626fb13ad57f8744
13c309d0ebac3484b78106413ee31f46abfc690429c64ddf6ceb1b1838424ada
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d7b331a045e0921f57a7aca33a2be27539027cc5b1ded6de5ad38263eddf8a3
262c76a939f7c2d543b0f5669d8958b82954e14e17d79ced7848cd51a36e6b1d
2e69b116cdc6fcb7f58bbeb50f2e308eaf667ef9b2ceb5e6a7695567f6b40524
30ddee8ebf0ffd7c415585a9e3a0e8023deb80ed05b857a4427dbb75790c43bd
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
37fd820b496a40f0f5783b425ed0c873d7913a576c0f246e869c5a2be58f787e
3aec02b24881b79afb8d121953096fd5754b07c8d26a295bcd900b0833183933
3e63ed3b834f3a6961e1476a3dfadffb78212feac2bf804352a6926091b4c828
3f36cb484213cafc798ef594c00ffdc27156f0106c63b539c3464bae355fb82a
3f57193ed9b7928c36cb710ac6a4af1583023f928914c094db4995420f7e3a54
404669b3d94f951d5e005752766d9f4e60dc4f44c7aeda8b491f204f71b760af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480e3b349655b6f17b20ec546c300957cad9ffd98b2d29be29db79422ededc52
4855cb988d5a9e02c57483673e2e0a31d434350ae72e7e07bf5ea14a9c002661
4b1dfdf84f81ccef7d37fc96dfd2358c87a40a04b20f063179f2c87fc1d3d382
4dba9e54570483a0624219ec53864f468c9cbdf4f9c1f23821e539de7cb0c9fc
59faeec7cd3ce8eba6b26823c7dd41512a380a8c3329aa0ae0270a72f4645d08
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
5c8950aa928749e3d6b00ab3bac5afceab7cbd1b7833a147befc43e8c91b438e
663fcd2b41d75e07e72ea2622d80566bcf10f1951f7293217d5fd9c9e3e542d8
66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
701769ec99138974c12369fd4acf65a7f99e9a1becbab1e16a89be9859aafc9f
770be267abb4fe287bf67c2fdbdf4f14556632b8e07a6d464e58ca56e3e33474
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
7c951a4408b8eb47ecea22bc965c50addb9e027eed0d48b1248869d967967ceb
8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e
855f75e3c59ecf05751e400ad7f8ef021ab050a882b7c4861a187c9475c16dbc
8883bc0b8dd0d8b6e1f37046e643e3487484913aae5fedbb41b9c0c059ecf123
895f6b9e5d37c494c7c8ebf30eade521c286b27001d256e3a37f5ac27684a57d
8998282f5a80fff5eaafdbd457dd7a81af0cd7c8696bfe032a6aeef8fe67f99f
8bfb7b9d534cf4f45605121c8dfa179ac598da41109537b62436b0eb17dee564
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8db92e7cdc1ad40168c42e93b05d842e056d8a5b83ae96b95d2b1c546f828196
8faa00fe604f9f30cef70e7242445d28716037d505d4b46c68768c0a3913068f
93f1175b9eb9dcdf7cc89fb8a0049b1734aead76c4e9a71ce2e74c6659dfc7a2
9453297b8c031ffe12f292174750cabd95f6069010d7dfb77e3e840f462706e1
94633716497a85d800b6e573953942c4cfe483c0dbd68fa97fd01dd97ced5d66
94b73ffa6b01ebf43a19d19ef292dfafa1babf7c88593a19dcb53590561f53c5
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
985071e89e5076c1b93d2b9ba507a2e890236ef8e3eaea519c7b2bc364cf84df
9c1c9e7815eb429933f2180216a379f22a45183c8f12e461f3ca1e2714980a46
9c2bfadf1fe546bd3872bf81e8477e95faff0104f3b9b888bc47cff4ffe88a36
9e127a551b1d872db037fb1c551f032ffb34217f160a6906918f720cae169575
a4204561e30e115bc86dbda51c3bff9a9aac25c469c797f126b9db55c46d3fc0
a98a9441db98144c6e8c4ab37c72e26786065a15dfb36a9231be938f76984c4f
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
afb08ef7dbe14e004ba0b93079e3c465c7c6f9d1038518826c8513126aa29ba7
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b5b4fea0f2608d0f0cafdee0e2b00ae659b091c6d18eda7fe291e636ba3f353c
b64cae93d3398a9d5da33d3728f714a222df73943f87b81b7f2c49d58e2794ef
b697c4c8e7c22fa7e18ccef66c1bda6610f19ec8c7d1c60fb3696db54ea5362e
b8bd6ae17f88486fa86c4acb7f2190d93bcbdd5e223e55b46273cb0eb0a05878
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb896385ea6fa02e6e909593092747972dde99c6265ef3ee03fe5ec950f236f4
bdfd8a95ffd68d8bc7149ea79a3ca8a1869fe507a42e4f7a368f626843346e89
bec82187bec72da82a4eed1c0c3624ac495ca960b7286da80815db9b5c43777e
bedf62e46e59fa272ad95971fb563c91a33501c2443058083872960861534da7
bf75adb4dce36bece1ce5451a9fb6d4fbd65ee72fc074b55ca676f2d8898da5b
c1ccdda10c297d3aeedbe2fa72700c5f49bdf9e102090c2d62775ec3c964e078
c800888331e0e31f317acc8de442b6a71340d4f0d4f3db9dbb7f8e4b3172e84e
d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
d1fe20aff60f91b78aabd65363112fbc84a8e7c8dd0c258bb1aae48cc4e4879c
d2aead8dc297f2815983c6c6d6af932bb8af8903ca55f0434885375ca9247984
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
d946cf00048401b5835b9a5dac2b5beb7b9fd900aeca5a525f99295f9ad7c2ec
d97ea24841d9881b6b38caf9174e468db2c6a133cc325320d5720b0783a37d06
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e171f597c12bd7813408cabb76395c783e04c8aa8a0a57416a120ac026e5acf5
e23a04dc769dd89005fe5ef4017bb882e5c00e59079a533602e1c0ffb3781271
e2583eef96598ad98902c91c154a83b5d035c457f0795dba591f9d07c69920e4
e2d910265020b45a6878d4b62b104bc4cfbcf7554e7386d81aef7a0ae208048e
e3a54e557f40c9a8528562f5f9fe39cb3fce5ad1e3f4238ec791c17961645240
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebd0b0892d3b17adc658369a10ebfe9abcd4883fd08bb047fd66dd459edd4481
ec425cce7010294e5d2601a098dabc3e75536351f58e07ada250c8642934fb8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f41e718277c296a77a6259da8cadd84b5f195d21ea0a6eb36442de9217613c2f
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68
fcce7b7353be95b84f177e00cd497eb4e485606e88cf17a5d836ee6c0f1f0f20
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a