www.picussecurity.com Open in urlscan Pro
199.60.103.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explaine...
Submission: On October 28 via api (October 28th 2024, 3:09:33 am UTC) from IN — Scanned from DE

Summary HTTP 145 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 32 domains to perform 145 HTTP transactions. The main IP is 199.60.103.29, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.picussecurity.com.
TLS certificate: Issued by WE1 on September 20th 2024. Valid for: 3 months.

This is the only time www.picussecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	199.60.103.29 199.60.103.29	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	172.67.166.202 172.67.166.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.97.61.133 3.97.61.133	16509 (AMAZON-02) (AMAZON-02)
10	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
3	2606:4700::68... 2606:4700::6811:ae5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 12	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.205.219 143.204.205.219	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2490:c400:c:77c4:d500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	104.18.27.50 104.18.27.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:8d11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6bfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	75.2.108.141 75.2.108.141	16509 (AMAZON-02) (AMAZON-02)
145	40

52 199.60.103.29 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.picussecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

39666904.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7048931.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.166.202 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.97.61.133 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-61-133.ca-central-1.compute.amazonaws.com

p.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.17.100.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:7674 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-219.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2490:c400:c:77c4:d500:93a1 (United States)

ASN16509 (AMAZON-02, US)

t.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f46c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.108.141 (United States)

ASN16509 (AMAZON-02, US)
PTR: afe865822f884bb48.awsglobalaccelerator.com

eps.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	picussecurity.com www.picussecurity.com	752 KB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 5626 c.6sc.co — Cisco Umbrella Rank: 6951 ipv6.6sc.co — Cisco Umbrella Rank: 5794 b.6sc.co — Cisco Umbrella Rank: 3611 eps.6sc.co — Cisco Umbrella Rank: 11869	22 KB
12	hubspot.com 4 redirects js.hubspot.com — Cisco Umbrella Rank: 3554 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687 app.hubspot.com — Cisco Umbrella Rank: 5859 static.hubspot.com — Cisco Umbrella Rank: 17785 track.hubspot.com — Cisco Umbrella Rank: 2324 forms.hubspot.com — Cisco Umbrella Rank: 5962	33 KB
6	hsforms.com forms-na1.hsforms.com — Cisco Umbrella Rank: 7161 perf-na1.hsforms.com — Cisco Umbrella Rank: 3796 forms.hsforms.com — Cisco Umbrella Rank: 4621	4 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 348	32 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	319 KB
5	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3841 px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	163 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
4	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	706 B
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2172	28 KB
4	gstatic.com fonts.gstatic.com	117 KB
4	visitorqueue.com p.visitorqueue.com — Cisco Umbrella Rank: 127828 t.visitorqueue.com — Cisco Umbrella Rank: 90087	6 KB
3	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5807	6 KB
3	hubspotusercontent-na1.net 39666904.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 87366 7048931.fs1.hubspotusercontent-na1.net	7 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4567 forms.hscollectedforms.net — Cisco Umbrella Rank: 4719	25 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	83 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	popt.in cdn.popt.in — Cisco Umbrella Rank: 31131 display.popt.in — Cisco Umbrella Rank: 29372	54 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	32 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 479	704 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3483	810 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3176	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5048	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2191	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5740	92 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7549	460 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 13599	771 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
145	32

	Domain	Requested by
52	www.picussecurity.com	www.picussecurity.com js.usemessages.com
7	b.6sc.co
5	bat.bing.com	www.googletagmanager.com bat.bing.com
5	www.googletagmanager.com	www.picussecurity.com www.googletagmanager.com
5	fonts.googleapis.com	www.picussecurity.com js.hs-banner.com
4	bat.bing.net	bat.bing.com www.picussecurity.com
4	js.hs-banner.com	www.picussecurity.com js.hs-banner.com
4	cta-service-cms2.hubspot.com	2 redirects js.hubspot.com
4	fonts.gstatic.com	fonts.googleapis.com
3	track.hubspot.com
3	forms-na1.hsforms.com	www.picussecurity.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	t.visitorqueue.com	www.picussecurity.com t.visitorqueue.com
3	static.hsappstatic.net	www.picussecurity.com
2	eps.6sc.co	j.6sc.co
2	static.hubspot.com	2 redirects
2	perf-na1.hsforms.com	www.picussecurity.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	platform.twitter.com	www.picussecurity.com platform.twitter.com
2	connect.facebook.net	www.picussecurity.com connect.facebook.net
2	j.6sc.co	www.picussecurity.com j.6sc.co
2	cdnjs.cloudflare.com	www.picussecurity.com
2	39666904.fs1.hubspotusercontent-na1.net	www.picussecurity.com
1	forms.hubspot.com	js.hsleadflows.net
1	display.popt.in	cdnjs.cloudflare.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	forms.hsforms.com	www.picussecurity.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api.hubapi.com	js.hsadspixel.net
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.picussecurity.com
1	js.hsadspixel.net	www.picussecurity.com
1	js.usemessages.com	www.picussecurity.com
1	js.hscollectedforms.net	www.picussecurity.com
1	js.hs-analytics.net	www.picussecurity.com
1	js.hsleadflows.net	www.picussecurity.com
1	cdn.mouseflow.com	www.googletagmanager.com
1	app.hubspot.com	www.picussecurity.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	7048931.fs1.hubspotusercontent-na1.net	www.picussecurity.com
1	static.hotjar.com	www.picussecurity.com
1	d10lpsik1i8c69.cloudfront.net	www.picussecurity.com
1	js.hubspot.com	www.picussecurity.com
1	platform.linkedin.com	www.picussecurity.com
1	p.visitorqueue.com	www.picussecurity.com
1	cdn.popt.in	www.picussecurity.com
145	50

This site contains links to these domains. Also see Links.

Domain
discover.picussecurity.com
app.picussecurity.com
events.picussecurity.com
picussecurity.com
insights.picussecurity.com
picuslabs.io
academy.picussecurity.com
cta-service-cms2.hubspot.com
docs.fortinet.com
cwe.mitre.org
fortiguard.fortinet.com
www.fortiguard.com
paperpile.com
twitter.com
www.linkedin.com
www.facebook.com
support.picussecurity.com
www.youtube.com

Subject Issuer	Validity	Valid
www.picussecurity.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
hubspotusercontent-na1.net WE1	`2024-10-27` - `2025-01-26`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
popt.in WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
p.visitorqueue.com Amazon RSA 2048 M03	`2024-08-02` - `2025-08-31`	a year	crt.sh
6sc.co R10	`2024-09-23` - `2024-12-22`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
hsappstatic.net WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.visitorqueue.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-15`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
luckyorange.net WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-06` - `2024-11-04`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
cdn.mouseflow.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
hsleadflows.net WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hscollectedforms.net WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hubapi.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
eps.6sc.co Amazon RSA 2048 M02	`2024-08-29` - `2025-09-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Frame ID: 4D5F23CE6CA6AB8DF4F7FB0E98C041EB
Requests: 144 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.picussecurity.com
Frame ID: 22544F20ACA90DF6D28D3E3742282A96
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.picussecurity.com
Frame ID: EA9A9A4D9E330A06AACD1FD51C25350F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CVE-2024-47575: FortiManager Missing Authentication Zero-Day Vulnerability Explained

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

145
Requests

98 %
HTTPS

51 %
IPv6

32
Domains

50
Subdomains

40
IPs

4
Countries

1938 kB
Transfer

5545 kB
Size

39
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://discover.picussecurity.com/start-your-free-trial
Title: Free Trial

Search URL Search Domain Scan URL

URL: https://app.picussecurity.com/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://events.picussecurity.com/demo-picus-platform
Title: Request a Demo

Search URL Search Domain Scan URL

URL: https://picussecurity.com/hubfs/General_Datasheet_2023/Picus%20Security%20Control%20Validation%20-%20Datasheet.pdf

Search URL Search Domain Scan URL

URL: https://insights.picussecurity.com/know-your-cyber-threats
Title: Actionable Threat Intelligence Report

Search URL Search Domain Scan URL

URL: https://picuslabs.io/tools/attack-simulator?__hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&__hssc=51282614.1.1730084969241&__hsfp=3377520574
Title: Emerging Threat Simulator

Search URL Search Domain Scan URL

URL: https://academy.picussecurity.com/
Title: Purple Academy

Search URL Search Domain Scan URL

URL: https://events.picussecurity.com/assessing-zero-trust-program-assume-breach-webinar

Search URL Search Domain Scan URL

URL: https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/click?encryptedPayload=AVxigLKa6CS%2F9OQyV8W3Vt3vvGgZ4wkCk3qAjA6Iw5rf9wtBN9e2h8v2VTxOBpW0e%2F2KQh4dFds8YaeeE96IjBgsh6FZwy7PUXCQaUZFm0iqy7hmF9EdTEbxG%2FUqiOivPp5W7WilhEpc044THMwckGoz%2BK9QSUi8hxtM4%2FgmL1yooLnlrXzHbJz17nkWqu0Xbc4%3D&portalId=7048931&pageUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageTitle=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&referrer=&userAgent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F130.0.0.0+Safari%2F537.36&hutk=1103bff039d975938db4834a50eaee78&hssc=51282614.1.1730084969241&hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&pageId=181865102081&webInteractiveId=286429421129&containerType=EMBEDDED&analyticsPageId=181865102081&hsfp=3377520574&canonicalUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&contentType=blog-post&__hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&__hssc=51282614.1.1730084969241&__hsfp=3377520574
Title: GET A DEMO

Search URL Search Domain Scan URL

URL: https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/373486/fgfm-fortigate-to-fortimanager-protocol
Title: fgfmsd

Search URL Search Domain Scan URL

URL: https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/click?encryptedPayload=AVxigLJbB1aVS%2FMne9kPdYhkdyz8zCNx6qEJpv6kqtzjbnbHu7HQ4LYjbUVfon8iKAU01FogSN%2BiSmg14dMon5ikJ19%2F7THQbquJyUQqkQdLU0keJs9KaivgOK%2FTFcC8yXt2ztY0UZ0ph8PEMubLDm6Q6fB6VZOCXBEAY5Yopx4Q3OLzNfltH2pu%2FQVr1MQnTCQ%3D&portalId=7048931&pageUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageTitle=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&referrer=&userAgent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F130.0.0.0+Safari%2F537.36&hutk=1103bff039d975938db4834a50eaee78&hssc=51282614.1.1730084969241&hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&pageId=181865102081&webInteractiveId=329186393359&containerType=EMBEDDED&campaignId=84455ffb-b6cc-45fd-915d-e954ee05c9a8&analyticsPageId=181865102081&hsfp=3377520574&canonicalUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&contentType=blog-post&__hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&__hssc=51282614.1.1730084969241&__hsfp=3377520574
Title: HOW TO SIMULATE THIS THREAT FOR FREE - NO SETUP

Search URL Search Domain Scan URL

URL: https://cwe.mitre.org/data/definitions/306.html
Title: CWE-306

Search URL Search Domain Scan URL

URL: https://fortiguard.fortinet.com/psirt/FG-IR-24-423
Title: advisory released by FortiNET

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/psirt/FG-IR-24-423
Title: workarounds

Search URL Search Domain Scan URL

URL: http://paperpile.com/b/nj1LMn/Kg4y
Title: . [

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&text=CVE-2024-47575:%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained

Search URL Search Domain Scan URL

URL: https://support.picussecurity.com/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/picus-security
Title: .st0{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://twitter.com/PicusSecurity

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5mXhfkplWvuVW2Jx9MvOIw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&tm=gtmv2&e_ipv6=AQJdiaKTPShltQAAAZLRGZnXf1WLnuA7vGzjG2AiRQEmfnfET5WpkPkm835984J_zeW0rs-idQ

Request Chain 124

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=286429421129&containerType=EMBEDDED&portalId=7048931&audienceId=null&pageUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageTitle=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&userAgent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F130.0.0.0+Safari%2F537.36&pageId=181865102081 HTTP 307
https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Request Chain 125

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=329186393359&containerType=EMBEDDED&portalId=7048931&audienceId=null&campaignId=84455ffb-b6cc-45fd-915d-e954ee05c9a8&pageUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageTitle=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&userAgent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F130.0.0.0+Safari%2F537.36&pageId=181865102081 HTTP 307
https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

145 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained Show response
www.picussecurity.com/resource/blog/ 149 KB
29 KB 774ms
733ms Document
text/html 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

447a2a5f4391b8fe1d066daaecf021ebd2ab58f75d811284a1475e2f9e86d3a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=7200,max-age=5
cache-tag: CT-181865102081,CG-35190412163,P-7048931,W-32488136213,W-32488279843,W-32488280065,W-34050730072,CW-106636205147,CW-113292746136,CW-127211604583,CW-153850846592,CW-154512175274,CW-157190659966,CW-158831692418,CW-161965429884,CW-39038130957,CW-41162016556,E-117283871284,E-119013969479,E-125740770973,E-153853753872,E-154512352373,E-154797347330,E-155086192011,E-158844553760,E-158846858310,E-160359389297,E-161959088385,E-32300259976,E-32300424271,E-32300424286,E-32379253675,E-32379319518,E-32497563799,E-39027126556,E-81509078165,MENU-32488136213,MENU-32488279843,MENU-32488280065,MENU-34050730072,PGS-ALL,SW-3,B-35190412163,GC-113292746618,GC-150405732755,GC-153854563894,GC-153854773788,GC-158552791130,GC-161964680253,GC-161965565511
cf-cache-status: MISS
cf-ray: 8d97ba214f22d290-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only
content-type: text/html;charset=utf-8
date: Mon, 28 Oct 2024 03:09:27 GMT
edge-cache-tag: CT-181865102081,CG-35190412163,P-7048931,W-32488136213,W-32488279843,W-32488280065,W-34050730072,CW-106636205147,CW-113292746136,CW-127211604583,CW-153850846592,CW-154512175274,CW-157190659966,CW-158831692418,CW-161965429884,CW-39038130957,CW-41162016556,E-117283871284,E-119013969479,E-125740770973,E-153853753872,E-154512352373,E-154797347330,E-155086192011,E-158844553760,E-158846858310,E-160359389297,E-161959088385,E-32300259976,E-32300424271,E-32300424286,E-32379253675,E-32379319518,E-32497563799,E-39027126556,E-81509078165,MENU-32488136213,MENU-32488279843,MENU-32488280065,MENU-34050730072,PGS-ALL,SW-3,B-35190412163,GC-113292746618,GC-150405732755,GC-153854563894,GC-153854773788,GC-158552791130,GC-161964680253,GC-161965565511
last-modified: Mon, 28 Oct 2024 03:09:27 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWot0Xsro1z8KURk%2B3I06lKbB%2BswG8j9KXxkso3z3VdendMC3nbLy24Q6vDNoOiRiChLCQovh8kEtROQ9j7LL2riZ1g2AbDAF87kHYCKN2ZGIotsSaJsra7dWxoQa3TgzADA2hvI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 547
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-js-rendering-td/envoy-proxy-b7bf9f78b-xnv2w
x-evy-trace-virtual-host: all
x-frame-options: sameorigin
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id: c54e3d4b-3a25-4bcd-9d44-ae12634732c3
x-hs-content-id: 181865102081
x-hs-hub-id: 7048931
x-hubspot-correlation-id: b8e03f11-0af5-4f30-9024-3c554b1e925c
x-request-id: b8e03f11-0af5-4f30-9024-3c554b1e925c

GET
H3 200 project.js Show response
www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 44ms
43ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ef84f26c310485299d6b75777414eddb"
age: 967368
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pu2%2FyvHu0K%2FDNvpyD1%2FuSV4Rw4BDIyxrc0agOaEKewmiUHyF%2B26iW%2BH5FpDO9ir28qhboBSTRbtQf4pc6NNpzEa%2F7vW7UT4pztnXVg5HEN6ywPTEiOR0Cyr4qIKbS1TNXFDFKWvSZw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:27 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: _yrDuzSJ2hcJn3YpQLxkSOVfplygNKp1sek00WWhwfTAnCfkW_jIIg==
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: application/javascript
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc7ad290-FRA
x-amz-cf-pop: FRA60-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 project.js Show response
www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 44ms
43ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"61ca66de658cab9587e4636894680d5d"
age: 384420
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mts2piuyxcoiNM5kIsqn1T04j3418kxs9CIzn0IrzLFe2smDknu4yIGJAfQ9YzTxtOV%2BUu%2FMIqHIJkqrOKoO1Kg2ke2ilWrHU5WceubqfSD6bHy8rMSvuBGe1xUX1rd6CJXUcI8LgA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:27 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: q4UZ7onhculjYJQoLW2Y29dUh34xzSdCTrDUPhk3Rl5k20oUnu5u8w==
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc7bd290-FRA
x-amz-cf-pop: FRA56-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 v2.js Show response
www.picussecurity.com/_hcms/forms/ 484 KB
161 KB 50ms
48ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 111fbf14-3429-408e-9730-bb5aef89d3f9
content-encoding: br
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
age: 50
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXl4EXXZAlm7TdZNITNIs32YtHJVVkVx0k3Fj4gD5vWln0W6Abx5dUGDhXL1k2%2FdFd5jUd9ui3xAkw%2FdJFBjywhYJ6D5lf4JcWNzeB7UvxMD61m2hnada3u05umIJCxisYpswJa6Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 4FSk8IsMB_MzTBBSN11zvypjPBrtzXEhPNI4DgLylQS7D4ecPejdDw==
x-hubspot-correlation-id: 111fbf14-3429-408e-9730-bb5aef89d3f9
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-6bwth
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d73f4bf865ed391-FRA
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc7dd290-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H3 200 main.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1729666478482/Shield/css/ 62 KB
17 KB 130ms
127ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1729666478482/Shield/css/main.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b10ed849684d1d7752b60848316f4db37f8845c68e43f07df2bef44262684b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: d7f6f633-d87f-4388-8880-a82798e01dc1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8ab3cdcf2aad0680facc56505d59a41e"
x-amz-version-id: U20t0NfT2CzmdzZG5mhPpMfTSQX5wfzk
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpzwiYcRnok98jpx5S1wNJPY8WeQlnbYJxlrj%2FwBLizQAyO6RhVCz7zU8bdY5r1k1uLUV64lew%2FAl%2BrKGtyfYebL0wUx820SU86%2FYS5QPujf8g5DicGEOrD6sYsc9jhUOFiWye%2BltA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ZoGoILfQg1FPfj9cLvKfIJL09pBOdFtVQSZZGdPqbSPDmNUSBgOEaQ==
x-hubspot-correlation-id: d7f6f633-d87f-4388-8880-a82798e01dc1
content-type: text/css
last-modified: Wed, 23 Oct 2024 06:54:40 GMT
x-amz-replication-status: PENDING
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-4hrwm
x-envoy-upstream-service-time: 152
x-amz-request-id: FVC48YG3088TWXTM
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: v4Vy4zpbEtQrDpjou9XA1PcIoDDNl8lIqzYlsl+STd13cbgDKxva71Fsifm9TD57tgmgNhD2B5c=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc7ed290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1729666479527

GET
H3 200 theme-overrides.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1711704470960/Shield/css/ 19 KB
7 KB 44ms
41ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1711704470960/Shield/css/theme-overrides.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

616a7f16e89518adbc89002f178ebfac5756fc3e96ca30a807ce65ee0e7e4530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 05016001-0c5f-4206-a7b2-ae7242c4bb99
content-encoding: gzip
cf-cache-status: HIT
etag: W/"07f9f0ec26d491d70da1865437d30ea9"
age: 253
x-amz-version-id: n7FSIrJj.QJIuwKIz3DUmVp9IJPz6b56
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mzvtx5ZOaW7n6ntdT9wopIEUjI2O3aXmuXgkvrJd1dj6GtvoeWxIsg%2F78ph%2F0k92VdEkaYCHUfcCyNGC2DKp5ug%2BRAinM%2BRVDstIEsATbd3%2BwgGYOP6geZeXjZZwu1W2vJPmYXt%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: xxsOVj-eNKTTALopTDjsyj_KUxQoGctZ_rZKwizjxICAee3upPS2Zg==
x-hubspot-correlation-id: 05016001-0c5f-4206-a7b2-ae7242c4bb99
content-type: text/css
last-modified: Fri, 29 Mar 2024 09:27:52 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-x5dn4
x-envoy-upstream-service-time: 214
x-amz-request-id: QSCSXD28AB5Q8MTN
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: rICtaW891A9P9Nm/jTMmKocqVmRLwT8btPSRhcoyGIL5GbPjNy1t7aileDnwTlqkvJo6/o4fHjsaOTKrdqV5a2srZgkh0Rno
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc80d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1711704471664

GET
H3 200 shield-animate.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1682685745883/Shield/css/ 15 KB
4 KB 69ms
66ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1682685745883/Shield/css/shield-animate.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad35b390ce3898cfef7bb94973d42ab290ec56f7315e0b459f4ba017eac96f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 5ef125ef-b043-4433-8ed0-35a87f34e26b
content-encoding: gzip
cf-cache-status: HIT
etag: W/"dc33969eb4c5a40ef5e6be0462874811"
x-amz-version-id: O4dE7lsH.Q5zJBakndHS_xCk2kcdIjSC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfQiLUCqJU7b3Nyx4L%2BipuFiDj1Jz1qvEnJCOs8Qf%2Fwgv2JxJWjpTAuguguYgOmJOgxMkmJ2ApV%2Fe1vD1DfIy0uG%2FaYl38S8UoZTjVbryHR6oPiWFrqFlR9%2B%2Fag0L%2BcRAqjm%2BfMg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: vQMqqzO9dGJgBCsNO9XpOloA8BnoeQKeg_xysutsQ8na7Pkg_QDK8A==
x-hubspot-correlation-id: 5ef125ef-b043-4433-8ed0-35a87f34e26b
content-type: text/css
last-modified: Fri, 28 Apr 2023 12:42:28 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-bhmwl
x-envoy-upstream-service-time: 195
x-amz-request-id: QSCVSGZ2WGR9E5SY
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: GbRMrt1yMeChbx+S/vLpi8T88GoIAYR0y5XSPMMVLHPozvucpeSKef6k++f06mKlso0R+SVX1lE=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc82d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1682685747003

GET
H3 200 slick-theme.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/ 3 KB
2 KB 44ms
41ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/slick-theme.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80603874c68fef25ac9ffe412a6c6056ab267d7e4d044f090c8282ab80c4da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: a37ef2cf-096e-481b-9909-7bdb792791e2
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fa83e77758ea493769a6cef5ef0df9c8"
age: 253
x-amz-version-id: QzIQ8NfUG.gmqRzMZ_BnITV8_s.CjjH6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUC1J4UOyiUDkJayxDtsHeAf1qMVxf0akJHnpGU0IRbKR2oQYl7FhZcNcSe%2BdiVo3dK%2BpsR0BIw6%2BiDmu%2Fam50%2FqYR9XSpvdOBPzU42GQ0%2B4o1PbRid5TezcjwBVyOq5wKfCn%2BU9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: QS0BwWHl80CFPtp_zLjO9lQ4xApq_NvFeROnUkth8SSl2QznRrd_mQ==
x-hubspot-correlation-id: a37ef2cf-096e-481b-9909-7bdb792791e2
content-type: text/css
last-modified: Tue, 06 Jun 2023 11:07:04 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-n6klc
x-envoy-upstream-service-time: 133
x-amz-request-id: XD14KZ1RRED318G8
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 1uNghTlUJy56IB+5a01Q4KIYmMoANpFIFOT/1a+4nxfZxU3k7eQqb5lJaPPxCDxqsDNZr/A6ImA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc83d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1686049623451

GET
H3 200 module_113292746136_Announcement_Bar.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/113292746136/1718373690090/ 2 KB
2 KB 69ms
67ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/113292746136/1718373690090/module_113292746136_Announcement_Bar.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab4ed514d39f2a7cf4ccf6215d9cd4c851d24c9ccf85839cc73e4097d38df61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: fdd5c960-3d60-481b-8a6d-14643d1841b7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"79fa9e889ffd3ba71b4c382b42cec4bc"
x-amz-version-id: DlVKubb8m9tNJJbjBr5gyu5yWs3XFFwv
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RbQbZttvn7xAxsCfZb3Poy69VJsamN13gEkPZitOoGAcTMxgx1FX36hzqfRYXsLtk2Kb8qSuqTpq5w58EH0SL25dG63zef2cQr3PRHyoKvVm4UqLwXfHXBaAhn%2Bk3bwGVQUW3TloQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: GtTvC_tvQmo3JDORQamcq0ZobsfT5zgTQyjxCIdmGYtQhUKpeqWI7Q==
x-hubspot-correlation-id: fdd5c960-3d60-481b-8a6d-14643d1841b7
content-type: text/css
last-modified: Fri, 14 Jun 2024 14:01:31 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-q7gwh
x-envoy-upstream-service-time: 162
x-amz-request-id: 396KV59G63NS83W1
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: ImgEnAJk5tuKeZXNkNsP4yyN+hs/Yu5Q/was/MYAd/s5SqUJDOqPpk9EAtOgb6fZrfJqyqXaFhY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc84d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1718373690090

GET
H3 200 slick.css
www.picussecurity.com/hubfs/ 2 KB
2 KB 53ms
51ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hubfs/slick.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"f38b2db10e01b1572732a3191d538707"
age: 402962
cache-tag: F-88652463641,P-7048931,FLS-ALL
x-amz-version-id: POcUM6CkvZEPNg.2EBNI3HQQEk16JIcL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfDgwLBocqkL6wHLgb1xFMW7TfBBw7BLGPRmzRbXga4Umk%2BzpmRCPmt8D%2BRiUquu2XOGCrmsndSno0Vt5hsUg5yvaUI81wqKfy79AFZOjYtBYn81SiHx2wvk344cj2bKowhzDMViWg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 59rr1LkLZpRRJvcaZwJuHSU57xLNdSxcwAlwlUxnJ_mDGXiVw3mPkQ==
content-type: text/css
last-modified: Wed, 19 Oct 2022 07:14:40 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-88652463641,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8B168NN66B9SE7RA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-88652463641,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: EN7hXrXj3uXJXCFiu0XI1c0+5HnyObYUM8v86RuNqIC70U3x5wSjMJK8pVz6d+9hpGBMiT5vSLM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc85d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1666163679669

GET
H3 200 slick-theme.css
www.picussecurity.com/hubfs/ 3 KB
2 KB 52ms
50ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hubfs/slick-theme.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b7290b38b86182592c3a60c491c3a977318c034959142a61d92a75025b3c334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"70713b38259ac3a32f8157845e0701f3"
age: 402962
cache-tag: F-88672063121,P-7048931,FLS-ALL
x-amz-version-id: beuNhPPn9XCcdaYz_J0NljSiu1XSNKQi
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V669l1AAFVkamn652xKt0X1zrfMxsWFpEyhhvGhC0o3iFJZHahARfw4UWP84w9OlDCT0SZ79l6BugfTUejRjqF6QyE5H%2FMabbDaAJOAQa75dgjVKrkSppiSj%2BFIhUpe4d4YecR2k7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: awF-qqYrKVmpjOtv0B5bREIXemm9C6Uvu6DLvfsZaZcvWEm-_2tPtw==
content-type: text/css
last-modified: Wed, 19 Oct 2022 07:16:45 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-88672063121,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8B1A93K0EFAG9W25
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-88672063121,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: m3OgKxSchjjCu2mZfq+ziPhfiHQdxN54c61F2Ak8GJ1MIbxSIClLhYrzICRLv96kW/Ui1FidelY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc86d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1666163804020

GET
H3 200 buttons_24_live_temp.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/155086192011/1711467339040/Shield/css/elements/ 2 KB
2 KB 74ms
71ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/155086192011/1711467339040/Shield/css/elements/buttons_24_live_temp.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

633600072534f800c00ce54b60270678545462434c28e1865dde26273d8b00d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 975015ab-49bc-4902-806c-c211aa4e5cc1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"57dd5c7e70071fad5326af68ed136256"
age: 252
x-amz-version-id: 7OWdRx4_wRnZy_TqVwi.z5ut8ubwppC5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibtrsCf7bhp0cd%2F3dwdwYO6RM7c95aF1vAuptlcjI46mzI985FTZb2lzvt4UNKqtevFwGe0ICpcgukaX6YXKiRNIZraJxAEzRZpGPtr7rUaDo3X8UJ2wRz7dQ2NG7MqNvSCKWGrc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: stEpWiKITj4hbGvESbp3_fT2wkXpB1rPr3P3Ydz7ZSKOQFPoAoG_tQ==
x-hubspot-correlation-id: 975015ab-49bc-4902-806c-c211aa4e5cc1
content-type: text/css
last-modified: Tue, 26 Mar 2024 15:35:40 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-sf8l8
x-envoy-upstream-service-time: 375
x-amz-request-id: 163QRQWZ5RQS1HW1
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: DncqYzQ9w/CkxqAmfcYV6CvYKDu49tSpl/u+tr9OyYCTlyrddJMCkhVrG1Jb8JjGHr0DEALRw5E=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc88d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1711467339681

GET
H3 200 module_39038130957_Lead-Magnet-Banner.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/ 521 B
2 KB 74ms
72ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/module_39038130957_Lead-Magnet-Banner.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 67a76c45-f112-4ac4-a3f4-6b9685986e69
content-encoding: br
cf-cache-status: HIT
etag: W/"b598cb9f535e9d39bea6fb4c7afc98a2"
age: 253
x-amz-version-id: _6kG0Z6N7nb2Amvf0P3QvVEgQec_PKrh
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QOcPlB9%2BxueGu9qJbN7nwPZXv6qVuvmP%2Bg%2Ff5cD2P0ryV4DrOF8qXjRm42UJKz%2Ff6hv2ZDHb1NsH773FUhwinRP7vtQp2hB7%2F1ExtSjs1JIaxKK%2BT4ptRgD5jEY03sM4C5ynhdUDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 0AcYqzavYVHEMNQOxQT_9tsyM2U8vY2gpW_ZgfQHq-NztONEPUlkQg==
x-hubspot-correlation-id: 67a76c45-f112-4ac4-a3f4-6b9685986e69
content-type: text/css
last-modified: Mon, 21 Dec 2020 18:36:49 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-j4svf
x-envoy-upstream-service-time: 233
x-amz-request-id: DR2WXHT750ATQHKP
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Ul65vAQ3E9XqyOIxGZg1QqbkDDtobxCLy6WBT+YYrnv/Gy9ipxytMOGmBAHamsey15C0iOqc35cuS9RM2BW8b3q2333E1Cc9HY38zPQNqnI=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc89d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1608575808109

GET
H3 200 main-blog.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/158846858310/1718643038303/Shield/templates/partials/blog-post-layouts/css/ 746 B
2 KB 74ms
72ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/158846858310/1718643038303/Shield/templates/partials/blog-post-layouts/css/main-blog.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d042ae177f7d076320fa923d0bfc2d3f831e3dacec0ff6fffc1328d4e36f2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 3caf8a8d-6288-460f-83b3-cf0a54fc5639
content-encoding: br
cf-cache-status: HIT
etag: W/"c8a0733f23e3d47a998103c206215b1c"
age: 253
x-amz-version-id: 67zOSufRDoTrJsiIpgZ.VHGK38h9xBf_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7UY6MHzl1FNr538fOmLfq8yIdyWotAlmWIu1Do%2FCXF%2Bkgca07G2zNr80dqJFPu9dyVdYl75PRn3NfOpEHfnD86q%2FX0RfnqP9fFNRZKr9xSsuZ3pOqmLUvBgiKZQ%2FoTZnRFStZF4gg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: idm-xLbzUc0GOqbRf_gPX5a6538QXwvEW2pxVP_c3cbo5lDLMssfjw==
x-hubspot-correlation-id: 3caf8a8d-6288-460f-83b3-cf0a54fc5639
content-type: text/css
last-modified: Mon, 17 Jun 2024 16:50:39 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-tn96w
x-envoy-upstream-service-time: 213
x-amz-request-id: 5H7BGB6QKJB2KABF
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: hdmcdkkJEYw5P5omXXYM/WUiQsefLK2+2JowceJZjpVD+lI0snQ61ZMkzFgasABHWnWVK30lVbQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc8bd290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1718643038991

GET
H3 200 module_158831692418_promotion-box-v2.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/158831692418/1722507877768/ 265 B
2 KB 77ms
75ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/158831692418/1722507877768/module_158831692418_promotion-box-v2.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

041685b0e5a31c63c4c06ffc86484bdd0c56100f1f0b36c91571e6a00bcec715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 62a7d37a-9954-4ad6-95d8-2b45feb43f1e
content-encoding: br
cf-cache-status: HIT
etag: W/"24d6a4097278d1fd6d98de8011279fb7"
x-amz-version-id: R2tkIutFE4R55yodW8QuYHz4reXF6E66
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESqljEfHpR9%2F3Ty2c8dOqLy6akZ6xqXTmajSWsw%2FpI7CY4pAbPyViRWDI%2BC6f8gdKl8wxJLnX9SzqiMURKmaljAsqBzZwkpgEFYE9KsttE1rHQZphSzKiA4Bwv9lWZNsSVo%2FnMsQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 1uO_zNUpzZPFqGvGj_AxOueoYIwWAwYtj-GDS6VgECNxeJflh3KYTw==
x-hubspot-correlation-id: 62a7d37a-9954-4ad6-95d8-2b45feb43f1e
content-type: text/css
last-modified: Thu, 01 Aug 2024 10:24:38 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-8r69h
x-envoy-upstream-service-time: 328
x-amz-request-id: 7F31R2KHY7A2BQFY
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: WoomQVxf42D7pYNJSnMH13lNHvmSl/1lMGRs38FUCP1bqPyB2JHXFQpy4bN/BSg64P3lfFpqkp8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc8dd290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1722507877768

GET
H3 200 s2-slick-style.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154797347330/1729693014912/Shield/css/components/ 2 KB
2 KB 77ms
75ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154797347330/1729693014912/Shield/css/components/s2-slick-style.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffba9a52471b5e7d35690f8297267837b94bdce89a67fa3ab13e5574d686a546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: d5acbb16-6e7f-4b1f-b7d3-c9b4b26869a4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d6dc4e832b6b870e023ff0d6ef6b2b39"
x-amz-version-id: bN7b2z5R61z9bPWhzSSKI3SRUbuSSZRx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BTGFHmttTWI%2BFhoGf7iaBurWwfxVTbwrftBKHOAXVN4hoVTCvZcARQVtxKDKd%2FpxUGhdF4EFJWF0KWYJ7RGmk%2BipDWlO2rYBtE6AtbZXKeHocnF5TuG55hc2x8UoXbbtSpe7jqHhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: QB2c3xRobOb2mwBIcilLgzEtx7JntSRnL6SSGunWtLM5p_zv3Lq75w==
x-hubspot-correlation-id: d5acbb16-6e7f-4b1f-b7d3-c9b4b26869a4
content-type: text/css
last-modified: Wed, 23 Oct 2024 14:16:56 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-4cwxm
x-envoy-upstream-service-time: 239
x-amz-request-id: ZHRJ52EPT2DRP6GG
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: c7D8G+cr1tooud7Xu3984IhdsRCVuMYS3pe4SxPX+f10HIM2uhSXSRxvzPhDGLsHVAnUoFgXTtQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc8fd290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1729693015688

GET
H3 200 s2-generic-2024.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/ 15 KB
5 KB 91ms
89ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc1ff7f9b57caf071c85b50968032dea1fa2ff1dc8a84da9d248d70a7820ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: ead8ac4b-658a-4a0f-aea3-8059ed2b02a6
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4b2acceb7f22fa88055b1b6ea68f43f6"
x-amz-version-id: P6D8I2IPwV0ppjV6J83azg6P8d4.ZgZ9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FPPztgCV3rqYhJu3y6SMOhGQz9EErSF%2FqGIAKdoyYRn3zA0yb5mmf2oXtIBjRJASQ6Mw2UVVDnbEtgfFfbRei0NX6aDQpBhjmiyv%2BbFeOc6KXchv17Uzg06S99nSU5GxUyFeLLp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 6x-dFvVnpL1wl-71l3rxSC57mpUcuU-Zjjb6qsppwjrWSEsep876Mw==
x-hubspot-correlation-id: ead8ac4b-658a-4a0f-aea3-8059ed2b02a6
content-type: text/css
last-modified: Tue, 01 Oct 2024 13:30:49 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-bj2qm
x-envoy-upstream-service-time: 154
x-amz-request-id: FYR1HP7QP74QEZ1W
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: paamTXiY3Y2WvfIAx/AIrj3JFgdAMFc5xWnrow5wQX66sJPx9nfDuKvu0fWgXRgzrg3I9KU1Mtv4ZQsPqQReptd6s75AGNpp
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 5084a25d91022b55b5acf281581c6444.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc90d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1727789448244

GET
H3 200 module_153850846592_footer-subscribe-column.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/153850846592/1711461276903/ 2 KB
2 KB 37ms
35ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/153850846592/1711461276903/module_153850846592_footer-subscribe-column.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

794559db00f5a68a8a82dc14f100cd1f9a970cbea66701ca8a43dee9919ffe03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: f00cea74-84c8-4963-ac3c-5a3420f0946a
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f0bb9c2921cb8261ba425f19ee6a96cf"
age: 261
x-amz-version-id: eXne9q1JzSZgmx3FIoxMEAYoI0TuCmV.
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4Kf7lIw4OvnulSDWTiTwkhmoMIwni9PcyG3524OFUK5PLhhfIIqvVvU99sXZx3JNOZy3J1sgRbcjVQ%2BJCNt7n%2FUJm%2Fw7l0%2BU8CaZfhKES5V23V0SWH2ypImI53IG%2B%2FoNIY5rjxtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: Sk0bqUkPM5peC7V5yUaeVuqXMOsFkd0YkxkRunvRpsjohUZZKdG2iw==
x-hubspot-correlation-id: f00cea74-84c8-4963-ac3c-5a3420f0946a
content-type: text/css
last-modified: Tue, 26 Mar 2024 13:54:37 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-ccrqb
x-envoy-upstream-service-time: 175
x-amz-request-id: 4XTWS0PY3CAQXA53
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: z2lbTl9GvIFns+kQhKNn//jEnBz2GehixHQCuqlrtF088xP3ouSfZBvMEPd9XlYFtY6QXoUex/Q=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc91d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1711461276903

GET
H2 200 TrackPlayAnalytics-b0403829.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/391/js_client_assets/assets/ 6 KB
2 KB 56ms
26ms Stylesheet
text/css 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/391/js_client_assets/assets/TrackPlayAnalytics-b0403829.css
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0403829bc66fd1f26c7ad7f42a2560787fe44f34417d357ed83d107ab32d983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
content-encoding: br
cf-cache-status: HIT
etag: W/"65806cc0ba70516e6b234221657321ef"
age: 809289
cache-tag: F-181465718431,FD-181470571335,P-39666904,FLS-ALL
x-amz-version-id: nQtMBv1epydaX_IVuEGHxRdir527gSwt
x-cache: RefreshHit from cloudfront
x-amz-cf-id: GVRaioqiCKNId3xIhRfwN3nSYONXnlaFn0I4L70umgl70AZWtEbe7A==
content-type: text/css
last-modified: Fri, 18 Oct 2024 18:12:34 GMT
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
edge-cache-tag: F-181465718431,FD-181470571335,P-39666904,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: J158MFJB7MXN17DZ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-181465718431,FD-181470571335,P-39666904,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: yBO/aAz43H1pZQVm3lTLPt9rKyIGhu66eW7eZXKkj20NwpejeKnxzVEtty9ow7oyVhVrBMMh2aU=
x-amz-meta-access-tag: public-not-indexable
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
cf-ray: 8d97ba261b58d399-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1729275153317

GET
H2 200 Tooltip-4a948cad.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/391/js_client_assets/assets/ 3 KB
2 KB 56ms
26ms Stylesheet
text/css 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/391/js_client_assets/assets/Tooltip-4a948cad.css
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a948cad1525b333f4615fb0203e3dcf4a5fdef9409adb657fceeab1dcb37f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
content-encoding: br
cf-cache-status: HIT
etag: W/"983d8d84588e7c3f88e069694360be07"
age: 809305
cache-tag: F-181470483583,FD-181470571335,P-39666904,FLS-ALL
x-amz-version-id: eWWaFQ5zw4VF3x3gl1LshUH3cQN5_ghv
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aOYfq0XBUrRqDNIaAJgmu60rs0dmJbaENbM8LZvHYyMaA2nvyaeTGQ==
content-type: text/css
last-modified: Fri, 18 Oct 2024 18:12:32 GMT
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
edge-cache-tag: F-181470483583,FD-181470571335,P-39666904,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: J157QAJNN629FZGA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-181470483583,FD-181470571335,P-39666904,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: LoJYojhKCfx1g2ej14X/QlXaylk+9qXgAy1eGVnNnkxlaV7Kyf2dgM+YWTI4yj/GcKCptZ39f1o=
x-amz-meta-access-tag: public-not-indexable
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
via: 1.1 87460d1a148290fafb5fd26353cffdee.cloudfront.net (CloudFront)
cf-ray: 8d97ba261b59d399-FRA
access-control-allow-origin: *
x-amz-cf-pop: CDG52-P5
x-amz-meta-created-unix-time-millis: 1729275151580

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 27ms
13ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 296935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dfv09MKeR1ydrLIrPaRzxaLw5ALTGoKIK%2F7ZO7JncFvUzkYaSetn32PO2QXcMxzEzWBtDeiKMdgw4bqUAxWX8fGDDSisbK%2Fgk0f3ZuBh%2B%2BZWjHaVfspWCLq2huMz1K8DETYxkJte"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 03:09:27 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d97ba260be4d34c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 38ms
24ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5fb4701e-2c03"
age: 291814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8qD%2BlsrwodXbjMC%2FJGSJRpyy2KPqZOG2mcrPy8AIOQqKHx2jaR0rJSoR3VTNBeImMjh9LLHWooC42jh9WUkHl%2BtguTZjWqoqjNdr3PRuPSsOhdjQyiWlD9VTHzifYWPwBWraXQV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 03:09:27 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d97ba260be5d34c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3718
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 64ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,400i,500,700&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82fadff367a12e614a5ec145bec6ea58ab214367c8c6f3186ca07353b0bbf16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 03:09:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 pixel.js Show response
cdn.popt.in/ 228 KB
53 KB 97ms
52ms Script
application/javascript 172.67.166.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=64d678615e3d0
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70ca063e74794c815071ccfb049724e710670831daec887b7d5b826aabf5083

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: wbfTV2A_rgqY2sbAdYebx9vurBKs0nOE
etag: W/"98338421705b118a0d4f18ddab07a38e"
age: 6702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJTMjo6DoVcuMRhSpj%2BgHSrA%2Fph7aa14hjfRVAC5L8yT%2BueI%2F0ZxBzfxC%2F4a6%2Fk%2Buyr0LjqfQz2Rd4WTF1fD453ET%2FSw2dB9wrJ%2BkXFj5DDL41OySomWhLi07LEOAA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: cGkI8JDrYjzxw287-dFYOzlzQZMWU8EYSxqI0gT4P-QBOSvFL_rUzg==
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 09:16:43 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server-timing: cfL4;desc="?proto=QUIC&rtt=30418&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4076&recv_bytes=4331&delivery_rate=99363&cwnd=12000&unsent_bytes=0&cid=86bcf6811cbf7109&ts=59&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 d6f62c603361035a63e0fd5fd34b7c62.cloudfront.net (CloudFront)
cf-ray: 8d97ba286bd5be27-DUB
x-amz-cf-pop: DUB56-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 67ab0ee7-fcba-400b-8cb3-db7bb1cc0033.css
p.visitorqueue.com/styles/ 0
117 B 340ms
102ms Stylesheet
text/css 3.97.61.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.visitorqueue.com/styles/67ab0ee7-fcba-400b-8cb3-db7bb1cc0033.css
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.61.133 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-61-133.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-request-method: *
access-control-allow-origin: *
content-length: 0
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/css
access-control-allow-headers: *

GET
H2 200 8aaca2fd-5cd9-4888-ba4c-a92130465f35.js Show response
j.6sc.co/j/ 1002 B
890 B 662ms
414ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/8aaca2fd-5cd9-4888-ba4c-a92130465f35.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4c92a856ef5f00e2ac59b76a4960d24a2dc57e80fe559acaabf141494ef00081

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
etag: "8bac6645b92976ce9ddc83f7e77c4cfc"
x-amz-version-id: JLNEtGotk8b6dmhKDZy.dxdNRH2fgtRS
expires: Mon, 28 Oct 2024 03:39:27 GMT
x-amz-cf-id: MLHATUlF4GfQOoV6TRJ90GKzPCbNYQZ6sL2MR7F7mQdCQMahtHqFGA==
date: Mon, 28 Oct 2024 03:09:27 GMT
last-modified: Thu, 30 Nov 2023 08:48:17 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-content-type: application/json
cache-control: private, max-age=1800
accept-ranges: bytes
content-length: 507
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 95ms
12ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
age: 3007
x-cdn-proto: HTTP2
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:19:35 GMT
x-li-proto: http/1.1
x-cache: HIT
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/javascript; charset=UTF-8
x-cdn-client-ip-version: IPV6
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 02:19:20 GMT
x-li-pop: prod-lva1-x
cache-control: public, max-age=3600
x-cdn: ECST
x-li-uuid: AAYlgBipaNIk6H8SmM3gJQ==
accept-ranges: bytes
content-length: 163630
server: ECAcc (frc/4CE6)

GET
H3 200 light_logo-original-SVG.svg
www.picussecurity.com/hubfs/ 3 KB
2 KB 25ms
24ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/light_logo-original-SVG.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21036da1013e88ad1be39946746a916786b081557a7a72b6a194c153c175aa59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"48ed4add03225d471676e998d8262bb9"
age: 402961
cache-tag: F-75149788735,P-7048931,FLS-ALL
x-amz-version-id: 2bbLkTbvsvFQW3gHMJyxn2VjG1fJz2sZ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWy0bdkIXaboJfK4FIfhCwhtDgoxixz%2BQOjobrJIwYsSGFshVLFhX8j%2FlWna5goNgMybljDL5QLjTuyhW0uIhQBSG%2F0nHCg3Dmft3kQTJ3uPnpPEupYaz%2BR7wy9hdAaV4%2FfaibIfxA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: qprvmntAccbIH-RpK-lMUBOmDIOFxAJ5ZoWoypDdVihfTtBxqWRtjQ==
content-type: image/svg+xml
last-modified: Thu, 21 Mar 2024 08:53:36 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-75149788735,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 80FX2Q7815RCA5JX
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-75149788735,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: J3FEKRneqGFcnnuiAEzGyELkDQ+HtkpRA/qLq6PrUr2Huj2VbJKyhzw6LKkKBrw538ETTcFm294=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
cf-ray: 8d97ba291fc3d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1654140894047

GET
H3 200 report%20(1).svg
www.picussecurity.com/hubfs/ 5 KB
3 KB 61ms
60ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/report%20(1).svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf773224fb7b3fd5978d7b527d003387334f71f37ed57e9ea50fe7b9bf4d6a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"9e7e94a90a4311547fb36c1f1dd7ef9c"
age: 402962
cache-tag: F-162786143818,P-7048931,FLS-ALL
x-amz-version-id: .CzJW_cs2EkiJ0JohZpoME2Kp1Jni00a
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zhlGbL5DGIR5UrtrG3cFPG8F%2F8lHCWehfq5iAcJY5bb7kiLUi9nmgCd8X5XmW08z9TqR5DIXaBZhNjcS6WbiO8bq%2BAcVg5ugHfnuHnsG3vd%2F%2F0nfexRUj6uRivONVBlQarNqIRjIg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Y0r5DtRyjKy0qocjs81ht7sQdgI_riLrRjr46bDoo3vcRZk8Rj83NA==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 11:45:25 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162786143818,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: P9F6C6PYB8TTCKC8
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162786143818,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: /xM+BatCLu+thdjk1E4n9DT6qeYSDuyh5jDZLy80arJlkmY8ZcXeDOXZrRaJt81v3xYX2vFrUcQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
cf-ray: 8d97ba260ca2d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711971924316

GET
H3 200 white%20paper.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/ 2 KB
2 KB 28ms
28ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/white%20paper.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ca2178c03aa90413665605224901388a8a7694be710ccf31d1c9546f6bb558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"66405d9753202d06b0b9b8c0731c122e"
age: 402962
cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
x-amz-version-id: qKWviCmcUVpCSakC.wZPgGk71W9rF9zO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLYFhihQ7TW6u%2BTm4ustiHTSnC9DM%2Fj8uj0SyNyP1tEDkHFp0zb65q%2BxNuydiSZBxDJ4nSvOsa18%2B5kf4zAGtJlAZvz9I5xQzrUbWflJIlCDgT5AcQnfxA5NkVKrDEkfTQiQp0Puzw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 2Lz_kX_-f7D-jBCemV4HVinoEHVMqoQBq6aBzdY9RHAZNJTH8wgSsQ==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 12:08:04 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: B99E2BSYRCRT8DZD
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: ElmE6wpNnfupcrk+Ts8cY2b/khLgwC9xCjgw1U9b0HUWA19pCtJRFXTEPF3m4WR++BQq+0vuJICmKAq/bED/2hJ+d4CDdbEWJGI0/uZ5d0U=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
cf-ray: 8d97ba260ca3d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711973283545

GET
H3 200 Group.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 2 KB
2 KB 35ms
31ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/Group.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

228f08d7d79b9a75e9df18997ee260c139fe2d538924d5f05037e047d3f41d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"8f574252daab27008baf3457366fe0bc"
age: 402961
cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: Y4m6PvMsT0hDs0VfCSSE5aTeXjUonr7R
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EE%2BAm1XMc26%2FRkMR%2F0bq7Tk3LunKgkLFQP4Gg1p4H5ubcwUg22%2FN%2BfuPHG6rmXYUVZkJ2jIHcDzYvuA8IRrvoI3%2FKrCiWqncXrD7IaMBVZ7HO%2F1ak3nvXHtuWhJFx6l9sqfJi2SzQA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 4ooegboCKhPkWOxs3AvUph-IfRldDeu9ZU7CuYRicS2u3MGGiWsZsQ==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 09:47:07 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: SP2KNG5V5QC271VF
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: ExkyK+ZGxJOkAr/dQhhj7VvD5jfNWNSLreTan0akaXl0uoz0iVj9bLQH64+whtAKD+cPdHVUohs=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
cf-ray: 8d97ba266d0ed290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711360026267

GET
H3 200 Paper%20Icons.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 3 KB
2 KB 42ms
41ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/Paper%20Icons.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8762831ff219f8b76b3479d9ffb9da218a058d059993123584cdbb5da6c079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"af898a1c995d79d5de9c5bbd71bda7b7"
age: 388711
cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: G6aTXUudX1thnchIZCO_zEyjoyxJwiGR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tz7W9ZC7bEjD33%2BQAOVVaPqwXrxct7baYZQ1U6XqA0Vv5omtCcijlljqsP06aieuMIyCHJI0BN813k5143T%2F5WhPyi6VCtduLLsi6l4Px2yHBba%2BZllkdCi%2BX0SxkSvcsCh1H%2BCRgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Od7AO985q10rzTBPhC4i1cdank3AeldgsWe21L2DOm1pUVw412MqMQ==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 09:51:40 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 85PFFNHDMBAZWTES
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: kfbrcaYUtG/+UHP+yKOkBlx32jmfYGBWFrLOrXVsE4RjVeb2KKcfbeo26eah/gloO0/UpwSdTkcFdDYO0sMWUF0S6ZuOmiMS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 cce339e34372cea758a4181fcf4e7c14.cloudfront.net (CloudFront)
cf-ray: 8d97ba268d24d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711360299644

GET
H3 200 report%20(1).svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/ 5 KB
3 KB 28ms
27ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/report%20(1).svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf773224fb7b3fd5978d7b527d003387334f71f37ed57e9ea50fe7b9bf4d6a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"9e7e94a90a4311547fb36c1f1dd7ef9c"
age: 402961
cache-tag: F-162786139288,FD-162786929972,P-7048931,FLS-ALL
x-amz-version-id: vLyxAfyxINwLbl8l.uvRN1DJ6FrzhUON
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQvG1YuQD7ZzmrYop1FTuU%2BlrwhzsNmcUzJKHpIo%2FlyRjp4CjP%2BYEOpQ37p0TewkwlIeq5vRbOd%2FCfQFDgnCfBsKj2wX7HxaxQNrdsCw23T9B133VKZtU2aCt46%2Fqx%2Bnw7Z7BpSQIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: eHpIjcMbqUU7zObbXzMh0RoBw6X3O7XWlU2k-JQ9Z7JwOrk9Ocit-w==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 12:08:04 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162786139288,FD-162786929972,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 80FZ5G6VKVJ5J1DT
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162786139288,FD-162786929972,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: xyNxsZ3h/HPAyWwCZwRNaiL5arNw2jyrxGjnDE1jl7w8LeuO9zi+7QBrfui5XHr6uGBDGfvMiX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 98845fbd1cb14abbe9d464a4caf17976.cloudfront.net (CloudFront)
cf-ray: 8d97ba294fe7d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711973283596

GET
H3 200 webinar.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/ 2 KB
2 KB 30ms
30ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/webinar.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4071465b2c0223da0e296a2d9ed8fbec379caa2d8eccacf96113afa481d7714a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"1870d43d00ab230724e0509f1d40c007"
age: 402961
cache-tag: F-162787310732,FD-162786929972,P-7048931,FLS-ALL
x-amz-version-id: Wb4ah8A.92KNq.UjMkeG8TpLY3dVHhNK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIwFDRNyXGbpqGq1MfGFX2j7R%2B3%2F%2BlOm%2Byk4Tcle4mCVPREkVed9vuRqsU8BaZE3KpEVWrmZ6BxsXdWjqj1HaaXGDYyY4s7ZJvST48TklxdqUTtIZVYFYw%2BEuV9qgMP%2FZcDx7V%2B8Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: cllDH7RxtmqMtcY6mCXU7hOobdrv8l_kyDW20ER0da5UwYG55VpWLg==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 12:08:04 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162787310732,FD-162786929972,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 80FVFPMM4MXNKJ0N
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162787310732,FD-162786929972,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: E1/Cujq7YAAah37H32PlRk50jEUS9U5a5UYYetHzqfLhx71sBb7w79rmG1YMDGSJFB8WHROT2AQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-ray: 8d97ba29781ad290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711973283530

GET
H3 200 Data%20sheet.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/ 2 KB
2 KB 28ms
28ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/Data%20sheet.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d24d7930883c81a956a8d25026d6befdf264a901da8570a7fa27b6db580c2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"2978bb799a23d124f5407472f883155a"
age: 402961
cache-tag: F-162787304607,FD-162786929972,P-7048931,FLS-ALL
x-amz-version-id: aGCl_khANGAehik.SERmQr2ajrV713hJ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcTwenaOBNFvFuTvzt4%2BOoz%2Bf2EondFwDRWAvdbijgeDB4jO%2BdJBOgYukCsvvDhc9zAmO5cTJenuEK9KT3JxPjeQ%2F6a5yDShWeYRQ7io2DWeBRMlWBuS3soq7pCOwWWzYmJzJZLkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6lSZouUfFbyce1tHPT4MqeIRknv8f25l-af-i4Icl5mSOdkg9dGo9g==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 12:08:04 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162787304607,FD-162786929972,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: SP2WHM1J859R44ZN
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162787304607,FD-162786929972,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: YS+coubmvn9h3b4mvcQVY0vMe6xVNQQQ2nP0x8UTezai/NEcSTtgfzD3j6Xd8UIUp6Y2eTWwVEpdcrWFG21/7x556XZ9UGGQIw6J1jk/ymA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
cf-ray: 8d97ba29a84ed290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711973283543

GET
H3 200 linkedin_black.svg
www.picussecurity.com/hubfs/ 1 KB
2 KB 26ms
25ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/linkedin_black.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"cb53f1d14fd4d15a3313d2a24a524fb8"
age: 402411
cache-tag: F-26106634639,P-7048931,FLS-ALL
x-amz-version-id: cxF8LRaoHAeGt3BhM7bUzN7AlCshNAnL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bkk8kbZgtzLcGlhwaiSJIcASzph5IwMtyTK8Df2GpCTVYIJT9wNUeSoNDU3oJkzPskwrzCwpk7XFlHJ9mKJd6fkTGPZXEMP2tsO9Xl3Kf84XwBx4dVsPQNIOKHGEkqBOsSNgbAw8KA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: R23zhuXxSLBmHVQreCFIHXFAZM4EPkdd98KE95W5iORpa82ldPUajw==
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Feb 2020 04:30:55 GMT
vary: Accept-Encoding
x-amz-id-2: bWnPH1oro8gcsD8p9XC630KyZPgoIqvQClKfSLlO1sfoOqORUUlhr4lwCgO0ICREEDAkvcau5khhsKYCDQ9HOUCBRz1S/9MWfqlhg8FyOOg=
strict-transport-security: max-age=31536000; includeSubDomains; preload
edge-cache-tag: F-26106634639,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
cf-ray: 8d97ba29d884d290-FRA
x-amz-request-id: 07S6YM50TZ9BFYSB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
access-control-allow-origin: *
x-amz-meta-cache-tag: F-26106634639,P-7048931,FLS-ALL
x-amz-cf-pop: FRA60-P7
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3

GET
H3 200 facebook_black.svg
www.picussecurity.com/hubfs/ 669 B
1 KB 32ms
32ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/facebook_black.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"655ebdf8c830e8540b691af2f06d81c4"
age: 402413
cache-tag: F-26106634638,P-7048931,FLS-ALL
x-amz-version-id: 8CJrjrvqFB2TaFMkKGP3y_iXgtaroa19
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AR4UayccEbPAE5RkWUPMT1K8nJttWn76xcREskARTdb2xH6PYyGBXh6gHitH6csABC%2BJtyTF8pGVcVOUWGUByYRqJr8xZkO%2BpLnTB9NIU%2F%2FFqn56Hl2cHUXWvrIm%2F0EdVUkHmpG2Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9GBWgIm0eIk44lOe5-3Bp78wh2qTLoTThMoqZyQ3f5yU5D2XjNsMVA==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Feb 2020 04:30:53 GMT
vary: Accept-Encoding
x-amz-id-2: 4QdY1sn7eIYYiK8gyLYFRst0fPALwLZPV3tZEAGu5s33lLjIQ7FoedYDiSC3ZoleqSitS3cTvmZLBCXyV9/S3qYEzjKTxKPy8nWAusSPPas=
strict-transport-security: max-age=31536000; includeSubDomains; preload
edge-cache-tag: F-26106634638,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a08c6d290-FRA
x-amz-request-id: GJ74QBMDYZD8Q0MJ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
access-control-allow-origin: *
x-amz-meta-cache-tag: F-26106634638,P-7048931,FLS-ALL
x-amz-cf-pop: FRA60-P7
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.1293/ 13 KB
5 KB 66ms
23ms Script
application/javascript 2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.1293/embed.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb5224674e43d02db0037517f4aa29ba5ce9ddd0672e513cc7289714ba657522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"f667e53d5752ee2e5759f3dfaf20d330"
x-amz-version-id: AFGFBaAC1397GFbOapH2DRIkjQ_NaZzY
age: 379110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86dIJK%2Ff7%2FrYlTDJxr4D0w4jYFmGommZn0sA2E2KuLYDPVb3%2FBXV28xAY%2BLcRRkULgFK0oHG6mdncGvz1K8qo637uQDqjrOrSf7MW2jGZJjnAMEpixt9TYWbIxNs7OFpVBRrN%2BQmqzww873qG7mozTY2mHY%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:28 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: XGSx7hOxAPz5YijOM0pekUwlyk8pr39vojqAD7AmXePBIuyz1sspfw==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 19:59:06 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a5c12d20b-FRA
x-amz-cf-pop: FRA56-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 main.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1729690095644/Shield/js/ 3 KB
3 KB 34ms
34ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1729690095644/Shield/js/main.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6ee10b03114d58ae3552f76f67608965f961c9d2743a003b3c8da7e5ff4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: f9795642-b6c9-49bb-9052-f85a79c16f49
content-encoding: br
cf-cache-status: HIT
etag: W/"4042981d0fd53bd731911bfb42a40b61"
age: 1706
x-amz-version-id: ePExGe_G5Tnc9w7AEPf3KqlYIIH7Mdzl
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rk%2BIJdAfNHvD4%2BCQ6TZiCmPn9Nda5K7Hv9jqY6bjpeLzEaK0nLxNDuQrmziduykSJvM49FkeW7V%2BrsJVXKxp6Bv6TZMrQFAOZDh2QMtEJWllTorzsXMV0kacvyvckBHjnho75Qq07A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 7pkBXOVF8SH9Ui_jWM9bmGXCLUX0iGyU6UJGm7fkF4orUGTMDcV4HA==
x-hubspot-correlation-id: f9795642-b6c9-49bb-9052-f85a79c16f49
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 13:28:16 GMT
x-amz-replication-status: PENDING
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-sf8l8
x-envoy-upstream-service-time: 159
x-amz-request-id: BZ73JRAYX801X636
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: g10QxlXAFCeZ4gu95YlyQ2QMMJM8z3tukViXQlsgIoQWvKmmzKo5EG/JEfZEggvCppcpG28pLSd+E0p7ZgxTT1aqhZmpctCu
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront)
cf-ray: 8d97ba26ad42d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1729690095835

GET
H3 200 shield-wow.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1682685740703/Shield/js/ 8 KB
4 KB 47ms
47ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1682685740703/Shield/js/shield-wow.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4efcc099f128e3655108f269adb8e838c24ee54d98c3903a22dec225e3e1221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: efbb9a98-1d23-43d6-9562-50239fc82fc5
content-encoding: br
cf-cache-status: HIT
etag: W/"6309bf850dea6345af0b537f2e628964"
x-amz-version-id: 3Y6ojRbIJ3_a2L0i1cyLjVOzG5krJ8PT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDUpf%2BJB6iS3QeP1SiAdKu%2BmpXlf2xZmQzm1IpCxe1SqMVND2dssPUlz%2B0PUCL1Fd7D0j68Hr%2FSGSMgo7sYQov8RvvAZj51bjnOF1vDAygflK5VmN7Lj4D8XJHnWPa7wAfCYVGIMQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: rK4rbbprAJKM1Nu8yLrlZXtyKq4FSQUPTagmsCUnR72mvM3Vh8eB6Q==
x-hubspot-correlation-id: efbb9a98-1d23-43d6-9562-50239fc82fc5
content-type: application/javascript; charset=utf-8
last-modified: Fri, 28 Apr 2023 12:42:21 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-6k429
x-envoy-upstream-service-time: 187
x-amz-request-id: P1NVNPGPD2W0H549
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: UmXrz7px+WvoC5a20GTB38/Aa7c4ngZB6lTiTZc4472SGV6se/YkEK+3EYgvWRA1GUr2veKEyBk=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
cf-ray: 8d97ba26cd61d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1682685740979

GET
H3 200 slick.min.js Show response
www.picussecurity.com/hubfs/ 42 KB
12 KB 25ms
25ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hubfs/slick.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"d5a61c749e44e47159af8a6579dda121"
age: 402961
cache-tag: F-88670129552,P-7048931,FLS-ALL
x-amz-version-id: rscA3GqdMhf_6Xt5rKM52hFVPQ.2lsXw
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3MLbvzhj7XEx1A50Ywzgg124ZPBzS0M9QvGQP23CZx4D4eIvjjIDMdvBmGVFiFRd8PiRZ2TPchw4Nw6PwqCvoDqBpgcXAzSCJfSW1UvaekKg%2F3CmBowQcwFhkzCq9%2BTzKeHiW1YqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Wt_uy-NCir3NjGTp0vJO34lSkMs8x91ABpKhhqA-Akvoi6s07PGAlg==
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 07:03:01 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-88670129552,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 80FW9D4Z7D34353V
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-88670129552,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: HmAptgAQdtKuuNXormAQeFBGAQ+YEwuGzw6UmpgQ2p+s0aVHU+vCjetdTLMtwQszRlCYvYGRsUw=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
cf-ray: 8d97ba26ed83d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1666162980835

GET
H3 200 module_161965429884_Mega_Menu_24.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/161965429884/1729596799426/ 3 KB
2 KB 32ms
32ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/161965429884/1729596799426/module_161965429884_Mega_Menu_24.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ffc04fc9feaf3e018ef29811c774bd365508ef79d33f9e63c5156a6fc90bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 8cfb5eb0-3323-40fc-9d1a-84d32853c4e3
content-encoding: br
cf-cache-status: HIT
etag: W/"5e8e1af8b761868a7a5d5620027358a8"
age: 1706
x-amz-version-id: dRtkwHLueS9If9ju4jbwtB2njPQROC1o
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJREp49cfdTOMyPv7r3zNl7iL%2FCtm9Oewy%2BDhrEVaFQRbXodI79Re0OjnRpPwLFtS4YVvy%2BHpvRLNhM%2FNrqmcEv6UBxtmIpivWdHq4rornB0vH7HV%2BWFpShjUeyEmT3PQx7I3idaHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: E8ja_lLhxUmkebuzNWQCWAUD0Kywm__86c6pq8TLNrC20m78GN53Rw==
x-hubspot-correlation-id: 8cfb5eb0-3323-40fc-9d1a-84d32853c4e3
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 11:33:20 GMT
x-amz-replication-status: PENDING
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-q9n7k
x-envoy-upstream-service-time: 575
x-amz-request-id: X8YZEPD136D2AF4K
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: zi4pY3bbr4PZpctglczm3qv0N+mLje4DROU6xyAGMtXyQLS2elSwMyQYVGqhRH/6tl8GIfdYu6E=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 0fbab52df0695e2a561cd26eb7f9484c.cloudfront.net (CloudFront)
cf-ray: 8d97ba271db6d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1729596799426

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 83ms
52ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: db3d423a-d709-4995-863e-c7925c8ffdea
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: ZQMS1VbFbWDZoJKZTG5NvZHBA.3vkImQ
etag: W/"83516cb36bba59046b931d3496c56b0c"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
age: 112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UiwCy%2F5dbFTpHCN2fbGrHNRquMkd6H0W6kYYcnNZ2QGjQLp9KOrJjmoXeqpK2zqDwtnPUcMQF3z3yAZZxL0RdfA%2Fj7KTYxdWgof5d7zDvzUUepRa%2BIhEGZEZR%2F7YV8urW%2FSmzqvPSLrfS5Ot"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: u0PYbOIh5sXztJQQhYTLvWbYVdgJZnd65578vauejh4Rmvds2hjtlA==
x-hubspot-correlation-id: db3d423a-d709-4995-863e-c7925c8ffdea
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 19:28:29 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-dbgsd
x-envoy-upstream-service-time: 1
x-hs-target-asset: web-interactives-embed/static-2.1607/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1607/bundles/project.js&cfRay=8d6bf30cde7eca68-ARN
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a5c561e51-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H3 200 header_height.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/117283871284/1723556727031/Shield/templates/assets/shared/ 738 B
2 KB 23ms
23ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/117283871284/1723556727031/Shield/templates/assets/shared/header_height.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16de7b1b4aaefe1a073fd179d639c5264e6451ea208b8b9cf72ef0d846b308f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 4148c5ff-8342-43c2-adc5-c8aa656894b2
content-encoding: br
cf-cache-status: HIT
etag: W/"92119b8f6e821b04443cc2c8f724a1aa"
age: 261
x-amz-version-id: qOltGM6xekzHdTLGg5xGyd_.gll1rzUO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TsKs5DqCD9Dz8RNSulPjNrPCHBhQNJwbVwG7Rl4qyCOjwx2MVwW0gTax5%2F6p1Iy0UikwaPruaivcVi1TVCy%2BX0UvkfqtoUGNVcQv8H05RagXlPukLPuwRUuDCc9LZBbXGjE4txr4w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: KPho9Go7oaNQf1-Iq0vxg5LWMtANIKymGS6AXqQSvCPC1VQX41iA0A==
x-hubspot-correlation-id: 4148c5ff-8342-43c2-adc5-c8aa656894b2
content-type: application/javascript; charset=utf-8
last-modified: Tue, 13 Aug 2024 13:45:28 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-k2wrb
x-envoy-upstream-service-time: 179
x-amz-request-id: QACZ9G5GRWT9261Q
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Fi+Ug3N3l8JxmAIvsBr9q2No2rE46KIYuooqCjT0tOAOMsyo+xT6gqqNLjJFvGsMVWV2DmCeqJrBsZe+SQ+fWNZURbGdH5gQ
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 6129f7f4feb0c02da809b6ee7e340b18.cloudfront.net (CloudFront)
cf-ray: 8d97ba271dbbd290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1723556727202

GET
H3 200 main-blog.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/158844553760/1727782857967/Shield/templates/partials/blog-post-layouts/js/ 2 KB
2 KB 55ms
55ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/158844553760/1727782857967/Shield/templates/partials/blog-post-layouts/js/main-blog.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2591f422aa5cfb1f8bf00a5db7c9407e81037dbeaf22b2e8a791e56468cdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 6498906b-269c-4ab7-a06a-d96744cdc555
content-encoding: br
cf-cache-status: HIT
etag: W/"8f1dca59f4a10730aace2d8c45529cab"
x-amz-version-id: QZiKZKg8tx7TF06UX1gXrwkYWSUUQRrD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eysZX%2FiOiyKSgUvNFNpqXh%2B0eZLqnl1pUv2dLJZ5THVMwPYwr%2BeFziD%2BJXrAvca5nRrUQqSm497N7n9P1nuouc64HKurrdmgaptrowPfTwuCr7YpEIR2zWUfIKWj42pnThj89kGSpg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 5jR-VOpby_N_mZzSqGAOZNgbRInb_z0wmqT4VySdowlXQ9GurUf9Dg==
x-hubspot-correlation-id: 6498906b-269c-4ab7-a06a-d96744cdc555
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Oct 2024 11:40:59 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-gdtt5
x-envoy-upstream-service-time: 197
x-amz-request-id: R4A0GRVCSEMC3A4S
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: a/gWYy3UfBmR09CKZbbHahCOAuRwfYD8q1e4obxcA3XJUEpFVdhLvPN5qsbWbyAChZA8ophgVMY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 40b60aeaf88b52755048e453b78f096e.cloudfront.net (CloudFront)
cf-ray: 8d97ba274deed290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1727782858138

GET
H3 200 slick.min.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32497563799/1619786241508/Shield/js/ 42 KB
12 KB 46ms
46ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32497563799/1619786241508/Shield/js/slick.min.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d875f9a2038e25a599452c9e774403240c3bc83df261ed41188bd7ecdf71fee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: fae0b256-5a28-4305-9c3e-e80d38ab10be
content-encoding: br
cf-cache-status: HIT
etag: W/"a8efc8a1f019dce7f17886f4d81411ca"
x-amz-version-id: ZPb_r_lrZScln9b_.gUpWD_pgBVu7aX9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruRZFIwyP5huXlu3lnO6PzN%2ByakPbeJ6MgFfiIQ1YHMulnPR91GdAX80O%2BaSfAmHf96kG1w%2BCuQMNDcfKCRARx1dDSMddc7ZNdyHlbwL9AbygzaaDXvBEs34U%2BiUtYFXztP1QFuZnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: nYXJQmh57K4JS_IzMelLBdYZpSGuMI592tg9yc44QSMWuRRRjmA61w==
x-hubspot-correlation-id: fae0b256-5a28-4305-9c3e-e80d38ab10be
content-type: application/javascript; charset=utf-8
last-modified: Fri, 30 Apr 2021 12:37:23 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
x-envoy-upstream-service-time: 202
x-amz-request-id: DAYFGAR66X2S86BW
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 09SA3iQuvExsg/mbuH2y/tmFAte/KzlH0K4sMwMHY6tt58tJ9+vv72L2TniJEvOZDvLkatBoQa09P1ENS6c+vU6xy7RMXvJBtuD2pX7ABAA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-ray: 8d97ba274dffd290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1619786242195

GET
H3 200 7048931.js Show response
www.picussecurity.com/hs/scriptloader/ 3 KB
1 KB 393ms
392ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/scriptloader/7048931.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55ad4ae907116ad35b297435591c83d061a169558958b460855b1e7563e02cc8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nFjANWktrDPrU8tPtQp4TGvIgMx1Lt8gWgTaaoCZR3qeHlI7rZBu9chTA%2B0oDoqDrzgqXJo7hsB9S28qhFK5TmhN0a1dGwchwsM5IMazguwz85XKookwxxFxJi5vaiuEfCmATrEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:10:58 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 3bbbf5dd-b824-445e-8fae-13e425c80159
content-type: application/javascript;charset=utf-8
last-modified: Mon, 28 Oct 2024 03:09:28 GMT
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=90
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8d97ba2a28ebd290-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.picussecurity.com
content-length: 735
server: cloudflare

GET
H3 200 index.js Show response
www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/ 12 KB
5 KB 45ms
44ms Script
application/javascript 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3ef0deda0631561665e95645daf500a2"
age: 373520
x-amz-version-id: O3iI8Pl3bd7LIBbSsE98q3XHW8vfw5hp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hORwLRBopnE3s5ercKskV0prZcrqB6yiwX1NDcgU8%2Bx3sdXUYwKI6Qgp21ZWv%2Bf0nSR08JEHS95K2RxyL81VrWlG541iB84VuPOm5jHrxJZibTqjEIXtA6wzOBPxscwZY8QkZRZpTA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:28 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 78-aHA7F3dP6afrNcVX69MHrCMKeWkk0B0hdny9J2gkibGszdoa1sA==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 20:24:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a28eed290-FRA
x-amz-cf-pop: FRA56-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
858 B 32ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1711704470960/Shield/css/theme-overrides.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b07feb8dacb85eaa974e4da4e4268679888a74f92ed43e15123ac701717ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1711704470960/Shield/css/theme-overrides.min.css

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 03:09:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
737 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@600&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f2662d3a952503f1a49334a9436df710115bffcb783697a5c6e85f8d5883d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 02:21:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 93ms
8ms Script
application/javascript 143.204.205.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"e31293f40e8a324de552ff593ee76a9b"
age: 21
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 20QXZy-OIYXRocCQGxYMrMFVEx2Nk04svT3Sap-64UHTCWuQap9pbA==
date: Mon, 28 Oct 2024 03:09:08 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
112 KB 141ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc00fa2bd200ddd72f9d14cb184c078b5a6154a7beaabb114007663d05677726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 28 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 114331
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 10ms
9ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/8aaca2fd-5cd9-4888-ba4c-a92130465f35.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: private, proxy-revalidate, max-age=10800
content-encoding: gzip
etag: "66fb91ae-111bb"
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 06:09:28 GMT
accept-ranges: bytes
content-length: 18819
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 01 Oct 2024 06:07:42 GMT

GET
H2 200 hotjar-2366058.js Show response
static.hotjar.com/c/ 13 KB
5 KB 460ms
11ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2366058.js?sv=6

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

053c8c8b674efe7ec857eeacd8e075c8448330ac932a374cd01d109f008b5194

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/1832d53d4cde5c8d9dbab07b6518f072
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: hDt00QJemn0igET4Syth7NTwtKymteI8zix1Ws5dEjcMAz2IsD32lg==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H3 200 s2-generic-2024.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/ 15 KB
0 0ms
0ms Stylesheet
text/css 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc1ff7f9b57caf071c85b50968032dea1fa2ff1dc8a84da9d248d70a7820ffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: ead8ac4b-658a-4a0f-aea3-8059ed2b02a6
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4b2acceb7f22fa88055b1b6ea68f43f6"
x-amz-version-id: P6D8I2IPwV0ppjV6J83azg6P8d4.ZgZ9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FPPztgCV3rqYhJu3y6SMOhGQz9EErSF%2FqGIAKdoyYRn3zA0yb5mmf2oXtIBjRJASQ6Mw2UVVDnbEtgfFfbRei0NX6aDQpBhjmiyv%2BbFeOc6KXchv17Uzg06S99nSU5GxUyFeLLp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 6x-dFvVnpL1wl-71l3rxSC57mpUcuU-Zjjb6qsppwjrWSEsep876Mw==
x-hubspot-correlation-id: ead8ac4b-658a-4a0f-aea3-8059ed2b02a6
content-type: text/css
last-modified: Tue, 01 Oct 2024 13:30:49 GMT
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-bj2qm
x-envoy-upstream-service-time: 154
x-amz-request-id: FYR1HP7QP74QEZ1W
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: origin, Accept-Encoding
x-amz-id-2: paamTXiY3Y2WvfIAx/AIrj3JFgdAMFc5xWnrow5wQX66sJPx9nfDuKvu0fWgXRgzrg3I9KU1Mtv4ZQsPqQReptd6s75AGNpp
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.picussecurity.com
access-control-allow-credentials: false
via: 1.1 5084a25d91022b55b5acf281581c6444.cloudfront.net (CloudFront)
cf-ray: 8d97ba25fc90d290-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1727789448244

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
0 1ms
1ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@600&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f2662d3a952503f1a49334a9436df710115bffcb783697a5c6e85f8d5883d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/154512352373/1727789447438/Shield/css/templates/s2-generic-2024.min.css

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 02:21:13 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 white%20paper.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/ 2 KB
0 1ms
1ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picussecurity.com/hubfs/2023%20-%20Optimization/logos/menu-featured/white%20paper.svg
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ca2178c03aa90413665605224901388a8a7694be710ccf31d1c9546f6bb558

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"66405d9753202d06b0b9b8c0731c122e"
age: 402962
cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
x-amz-version-id: qKWviCmcUVpCSakC.wZPgGk71W9rF9zO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLYFhihQ7TW6u%2BTm4ustiHTSnC9DM%2Fj8uj0SyNyP1tEDkHFp0zb65q%2BxNuydiSZBxDJ4nSvOsa18%2B5kf4zAGtJlAZvz9I5xQzrUbWflJIlCDgT5AcQnfxA5NkVKrDEkfTQiQp0Puzw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 2Lz_kX_-f7D-jBCemV4HVinoEHVMqoQBq6aBzdY9RHAZNJTH8wgSsQ==
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 12:08:04 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: B99E2BSYRCRT8DZD
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-162784353194,FD-162786929972,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: ElmE6wpNnfupcrk+Ts8cY2b/khLgwC9xCjgw1U9b0HUWA19pCtJRFXTEPF3m4WR++BQq+0vuJICmKAq/bED/2hJ+d4CDdbEWJGI0/uZ5d0U=
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
cf-ray: 8d97ba260ca3d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711973283545

GET
H3 200 Group.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 2 KB
0 2ms
2ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picussecurity.com/hubfs/2023%20-%20Optimization/Group.svg
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228f08d7d79b9a75e9df18997ee260c139fe2d538924d5f05037e047d3f41d38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"8f574252daab27008baf3457366fe0bc"
age: 402961
cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: Y4m6PvMsT0hDs0VfCSSE5aTeXjUonr7R
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EE%2BAm1XMc26%2FRkMR%2F0bq7Tk3LunKgkLFQP4Gg1p4H5ubcwUg22%2FN%2BfuPHG6rmXYUVZkJ2jIHcDzYvuA8IRrvoI3%2FKrCiWqncXrD7IaMBVZ7HO%2F1ak3nvXHtuWhJFx6l9sqfJi2SzQA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 4ooegboCKhPkWOxs3AvUph-IfRldDeu9ZU7CuYRicS2u3MGGiWsZsQ==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 09:47:07 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: SP2KNG5V5QC271VF
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161968113191,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: ExkyK+ZGxJOkAr/dQhhj7VvD5jfNWNSLreTan0akaXl0uoz0iVj9bLQH64+whtAKD+cPdHVUohs=
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
cf-ray: 8d97ba266d0ed290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711360026267

GET
H3 200 Paper%20Icons.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 3 KB
0 3ms
3ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picussecurity.com/hubfs/2023%20-%20Optimization/Paper%20Icons.svg
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8762831ff219f8b76b3479d9ffb9da218a058d059993123584cdbb5da6c079b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"af898a1c995d79d5de9c5bbd71bda7b7"
age: 388711
cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: G6aTXUudX1thnchIZCO_zEyjoyxJwiGR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tz7W9ZC7bEjD33%2BQAOVVaPqwXrxct7baYZQ1U6XqA0Vv5omtCcijlljqsP06aieuMIyCHJI0BN813k5143T%2F5WhPyi6VCtduLLsi6l4Px2yHBba%2BZllkdCi%2BX0SxkSvcsCh1H%2BCRgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Od7AO985q10rzTBPhC4i1cdank3AeldgsWe21L2DOm1pUVw412MqMQ==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 09:51:40 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 85PFFNHDMBAZWTES
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161967644941,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:27 GMT
vary: Accept-Encoding
x-amz-id-2: kfbrcaYUtG/+UHP+yKOkBlx32jmfYGBWFrLOrXVsE4RjVeb2KKcfbeo26eah/gloO0/UpwSdTkcFdDYO0sMWUF0S6ZuOmiMS
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 cce339e34372cea758a4181fcf4e7c14.cloudfront.net (CloudFront)
cf-ray: 8d97ba268d24d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711360299644

GET
H2 200 tracking.min.js Show response
t.visitorqueue.com/p/ 10 KB
5 KB 251ms
8ms Script
text/javascript 2600:9000:2490:c400:c:77c4:d500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c400:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccee1682963a5d9deecdb1dcf9f8e00135cf80c850f2e3309637aa0b14a47938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"1a589f09f32aebb87ae510d59061222c"
x-amz-version-id: JxdgYfCT4cq74i5RocdKtDF0l2HXeH7n
age: 10108
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PvakQ0KGBfF3cV7vfL2UdxXHxRrJFKYQfjInrDIeqEWmqjvbOKglsw==
date: Mon, 28 Oct 2024 00:21:00 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 15:37:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 160 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1af850eed9d8f478503ae0d24ebdd78691a15ed523db6f16df44b9da327c0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 mega-menu-down-arrow.png
www.picussecurity.com/hubfs/Shield/Images/ 98 B
1 KB 38ms
37ms Image
image/webp 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Images/mega-menu-down-arrow.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "8e2b3f8a9be7c266f20ac70b5ef7c9ef"
age: 402962
cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-version-id: oVZ1tmPGae_LgGyoO.g0kL81yj6KC.HE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qfoOF6APW97pjY07FJmP5aYUGxUC7VjgZMbYQ5JVOL%2BpD0SBnZRA3ZGrS9R5vX0G51cFvjAbVr9qqEiKQZIXJydnj613WmKhM0L8qzhpfxDas4TUE5m%2FaXVTVgmSRdHKaUp09He0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 9jSy4K6N7vu3f1_RO6TYUZ9wTlfpHBliYeB5MHIr2kGHw2ByfKF0aQ==
content-type: image/webp
content-disposition: inline; filename="mega-menu-down-arrow.webp"
last-modified: Mon, 21 Dec 2020 15:20:35 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: MVRD36JQ94028GPG
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
content-length: 98
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
cf-polished: origFmt=png, origSize=121
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: Sf14MhG9rHvbiRCh9EsuU6RkyCb9ozhsExLgfagmCbwZhTXV3nNoD1K1gZOqqW1W/vAFn3OMXTo=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a4909d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1608564034330

GET
H3 200 dropdown-bg.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 31 KB
15 KB 37ms
37ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/dropdown-bg.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf7bbe2ff34569ca8208b5df957ae1bd37d2403d378146fb4e993155cb9820d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"9f9d4423178b24188abc6b47edb3cdc4"
age: 402962
cache-tag: F-161975016249,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: GOOL_26Jvo0IEgl0bjBjQHkckzY3zQ9q
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzZyTzmCdnqxf78EeBj5bhjJoGrI5VurIA1TNf2X9A38b2oR2f8pf7QiTYbBD%2BpEAQrfgrCnUD7sp86unJxaWIpxUq%2BSjyq2lo66RESuL7dFbczsxlMq5ZmOH9xzud%2ByUoXuD8IdJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: _Qsbzim1Im8zINFlsVxS43iB7rqbSe6P4l5QspjGrasTF98z4hGG6Q==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 10:54:26 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161975016249,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 80FMPK6QACWEPJG5
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161975016249,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept-Encoding
x-amz-id-2: erqWZb7sTuWsHMXpceCMNAgiPm6/RdPcAU7upgWWDaeMS1bFSfoKcGhcHrMoKZfWnGZzapRtFGo=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a490ad290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711364057618

GET
H3 200 Rectangle%20102.svg
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 197 B
1 KB 26ms
26ms Image
image/svg+xml 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/Rectangle%20102.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea40563dac288d2a4e806100888a28be233519095512b5b0f44f02d4a4b23aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"977c98d8ef6f43bbf2d0b84be827e3f4"
age: 402962
cache-tag: F-161969425522,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: 6SKLAgGDi0sGrjUFBlWH1sxZJTNCi3le
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQk1URvgDbo0LW1up2IcsIGoHUdQZxjt3WHyRN4e%2FzH5t4h5yZhY77Ggn8uIq8PeC%2B86dTBnR6zHZVvX9oekZjzjwKY71nPcmYtPAMccMDqLwaOoTrKtp3hZpV19Nl1bUOMcayccUw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Dz1JNs7r0I6Q9Jhygjuw-ePepleIbXEn88gmeJJ_LdcsrLnfkIEm5A==
content-type: image/svg+xml
last-modified: Mon, 25 Mar 2024 10:52:23 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-161969425522,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: WYNPND940CCP04RB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-161969425522,FD-106424384934,P-7048931,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept-Encoding
x-amz-id-2: S3mEu3ro9OhLH6cSEYB1ogkShsUaHbl+Xzd1JiI+ecMfALyQXUsPvQGoBNl2Xmr4H5+apoThuKY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a490bd290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1711363942083

GET
H3 200 bg-resources-hero.png
www.picussecurity.com/hubfs/2023%20-%20Optimization/ 271 KB
272 KB 37ms
36ms Image
image/webp 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/2023%20-%20Optimization/bg-resources-hero.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1729666478482/Shield/css/main.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d853f486dc84fdc7d1b073cbe0567f4ad79b211fc28ed46186bbb0c8cd1ad26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1729666478482/Shield/css/main.min.css

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "d0fee8b958d9057e647a94f7db3c9a78"
age: 298525
cache-tag: F-157034522480,FD-106424384934,P-7048931,FLS-ALL
x-amz-version-id: EcSxbCGIawRyFaBBkybAUOhnSjgonGVI
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00OSaJuAR56DCVP0H9L6UEl8saA5TL8Ld8cwlxBHUIwJQovPFMpgMD%2FlPREu3XGYg4bukyawVJEDDtXKBxYeA%2BQsodhKAxsBz1F7wk5I2Y08x7lItyGfsMqKwO8KtaBNv7MmskjInA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: nF_jYM7XsfzOZiW8xNI7L6uLq-WnV50857mzzO625ud6h1oz49d4fA==
content-type: image/webp
content-disposition: inline; filename="bg-resources-hero.webp"
last-modified: Thu, 15 Feb 2024 12:13:55 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-157034522480,FD-106424384934,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DAVJ2EK57XWP0HJV
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-157034522480,FD-106424384934,P-7048931,FLS-ALL
content-length: 277185
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=604050
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: pm0hyVGjVfGmNDp/87ZeTn5e+ifMaYIs7mxldJ9H9oGmvjxeXLaYXTvtM2qLKo9LwJtlDHJdzDXrnsXVIyBR4QGKoveaKAN71Ij0WfNNmDI=
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
cf-ray: 8d97ba2a5913d290-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1707999225481

GET
H3 200 700.woff2
www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/ 17 KB
18 KB 46ms
45ms Font
font/woff2 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/700.woff2

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b71a29ecd59a83648619466fa24609d9030aa3eb31b3cedc7f9b424d2da1a270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-cache-status: HIT
etag: "e07916f3407087b153d29bebb418965b"
age: 261
x-amz-version-id: OZTclN99s_jogKp63iRqV0mH_styJuC5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5l8il%2Fyws0pO99POM4n8I2zB1rhxnVZssDuqLzRd27sqQ4e%2FlJ8TOa9NclUB4Z4K9CPsyJxiaTpMZf%2BXJWc8evQ0vk5OomgnpS6Ie%2Fw2%2Bd7lH4rrO5d1M2gdMBoKSC9xWC%2F4KfrxPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Mon, 11 Nov 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: SfPZWg_KcZetNND88H72qvGpnUUvxDd92uFeVFT-rnJOIIEMWwG_Hw==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: font/woff2
last-modified: Sat, 07 Sep 2024 17:22:59 GMT
vary: Accept-Encoding
x-amz-id-2: YTNxCAl4CWGMrygmtulkq44sW5X7koOxdsCgjNRtG34rMrnBqgtP4Y4JLDKryhUM9QxHZWhRWjY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1209600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 297a2b3ab6b9933e5d097fc4266514ae.cloudfront.net (CloudFront)
cf-ray: 8d97ba2ad99dd290-FRA
x-amz-request-id: ZRZ942AMTXN2A1S2
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17464
x-amz-cf-pop: WAW51-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 regular.woff2
www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/ 16 KB
17 KB 48ms
46ms Font
font/woff2 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/regular.woff2

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fdcb805a20649db94783ffc68e227bd61a806f29af381db6c84b52138d2dccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-cache-status: HIT
etag: "944832f134e36e508e05dbe34a841f6a"
age: 261
x-amz-version-id: PxisF_UNpAHOLz9qSUz.ic2u_YEt6Dks
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyE7OVC7OQGR7X8V3ET%2BfP%2FlZmL9LHPEL6IjngmM97lBNl1eBx8PLerfeYE0DlQAXV1tPIPRa7nBBqbrV4BEhAprfyRVo%2FH3O%2BWtAS2xj7qt%2Bh8oGgEOsirBk1rhtn%2FEUW4o%2BVFAKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Mon, 11 Nov 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: eWiSLZSjxpNAPJoUQQedcqAsCJB00MkU3j6sy-RpSEsdLiqFHZA7yg==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: font/woff2
last-modified: Sat, 07 Sep 2024 17:22:55 GMT
vary: Accept-Encoding
x-amz-id-2: 5eL2C5NxKODCB4gmvd7jwKv+6qYa/OzyxEBmeQvcdtABHbsaOBrnaR+p6KKs6JTpIUKf5YHfADdPbu8YB/hI76tQbvZFTtzgp6wQLKuMkjk=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1209600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 5fcaff61319ae387c2158360c598d28a.cloudfront.net (CloudFront)
cf-ray: 8d97ba2ad99ed290-FRA
x-amz-request-id: 9HXRGZ8VB8WVKH44
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16788
x-amz-cf-pop: CDG52-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 75ms
29ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://fonts.googleapis.com/

Response headers

age: 471055
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:18:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:18:33 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H3 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 24 KB
24 KB 81ms
36ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

62553d159189834af73c9a6264704be5b2bee9a08da66a14768d8e5c6ffd2cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://fonts.googleapis.com/

Response headers

age: 536219
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 22:12:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 22:12:29 GMT
last-modified: Mon, 29 Jul 2024 22:45:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24304
x-xss-protection: 0
server: sffe

GET
H3 200 regular.woff2
www.picussecurity.com/_hcms/googlefonts/Inter/ 106 KB
107 KB 39ms
37ms Font
font/woff2 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/googlefonts/Inter/regular.woff2

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e095c77cbc278604a08136ba272382190c0c7a12a26777a33ca20fafbb59186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-cache-status: HIT
etag: "7206d65c5fe7587e1efb16144ff41175"
age: 261
x-amz-version-id: qqsy1i54n5NfUHnt2CpgzmQxrsUTlalp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYYeTapRp78YJFKEblKHsyybkXsfe7hVFkGx9iBJT8IeMtt2olfOpQXy%2F%2BgVnNjDZ4V8UX8Xh0uAjqwaDIHngxE9BVqn7FMUHWqlIJ5L3YRKcV6ENd7ub3Pp1LtGYaqkK09koUFK%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Mon, 11 Nov 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6AlCSHyvp0H9dctHAQe6Ql1q03KV7jQBmyE6Q6ZuIiGdQkaQF2oVOQ==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: font/woff2
last-modified: Sat, 07 Sep 2024 14:17:57 GMT
vary: Accept-Encoding
x-amz-id-2: XXoJIGc9EZwo7ofk31oFlx949/J3HhJItrdo7jeHqKD/MFuPWojUN2TZL17lCoXfj2jxLL5e9c0qh+zrLxR3Zf2JrxBWbQiDw2SEGj3VFoU=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1209600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-ray: 8d97ba2ad9a0d290-FRA
x-amz-request-id: VNDBDR94WNQE2ESH
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108176
x-amz-cf-pop: FRA60-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ajax-loader.gif
7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/ 3 KB
3 KB 147ms
127ms Image
image/gif 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/ajax-loader.gif
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/slick-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/

Response headers

x-robots-tag: none
cf-cache-status: HIT
etag: "c5cd7f5300576ab4c88202b42f6ded62"
age: 2314919
cache-tag: F-119013776918,FD-119014686826,P-7048931,FLS-ALL
x-amz-version-id: In9ttezEZ_GM9U3eektboBkYWwcorOKA
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 44GVKZ8PvScg-nnUrYh-YlwRB_7OIIbYSDj-weudaSjzepa2QLZDmA==
content-type: image/gif
last-modified: Tue, 06 Jun 2023 11:06:52 GMT
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
edge-cache-tag: F-119013776918,FD-119014686826,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 9V28ERJM5XTW29XQ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-119013776918,FD-119014686826,P-7048931,FLS-ALL
content-length: 2592
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origSize=4178
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept-Encoding
x-amz-id-2: bAoX7wZReMGQYWNbA4I2m6sC4EvqZl/I2LhA6Lgkb+sB3+D3HrMjo5pWpGvdmg0rOCJqVv9TsKWzT5ygDePHaw==
timing-allow-origin: 7048931.fs1.hubspotusercontent-na1.net
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
cf-ray: 8d97ba2b28b4d399-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1686049611853

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
771 B 233ms
191ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&s=202290

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-frame-options: SAMEORIGIN
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYAc3YRCrzSVx7PV2XLTj0%2F%2BV3jicum8ChUqRzgPef%2B0tFkASnszmwi9N%2B0laFMzautLkQshDebws6LH6jf70GBgdEzjvft8OM80nHIB5w%2FmfYL2Rqa8ultIriE%2BYawEsC8SD3FmDKCZ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d97ba2bdb7c1d90-FRA
access-control-allow-origin: https://www.picussecurity.com
content-length: 120
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H3 200 json Show response
www.picussecurity.com/_hcms/forms/embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/ 7 KB
2 KB 143ms
142ms XHR
application/json 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/forms/embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ac9331443944513cc67eb67afa7289da3148bb279610de6a82ec2cbb9fd5855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 1aa72710-7e75-4c0d-bb8f-ab4a90054076
access-control-expose-headers: X-Origin-Hublet
content-encoding: br
cf-cache-status: DYNAMIC
x-origin-hublet: na1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FY2pi17dqxFzcSnidn06VBYg4E4JFMgMXDT2y6iSDs2abqLs45CYT%2BIw1OvXO%2FkSw3W45yfZSNbLVAVf2yLFvC8a7D89zDq5TIKpW5dMTcatQl17%2FThOzK19%2FoqBt3LFOqp02AxrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 1aa72710-7e75-4c0d-bb8f-ab4a90054076
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 23
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-fr7cm
access-control-allow-credentials: false
cf-ray: 8d97ba2beaffd290-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 json Show response
www.picussecurity.com/_hcms/forms/embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/ 7 KB
2 KB 280ms
137ms XHR
application/json 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa4fe2a0dfba4039b6ef27e3bb35df1b51a3156a92a7cdcbaf4c5e6fa80769a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 40cc4417-65bb-4c17-9a1a-60a0c4257542
access-control-expose-headers: X-Origin-Hublet
content-encoding: br
cf-cache-status: DYNAMIC
x-origin-hublet: na1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GM6NAYXyuPiLJW4a%2FcwJCsd5VpgdJt%2B7V%2FrYJCI2hQAaa5MIb2MRvZmsYv5vio%2BKHgRRV4gMjgzmxDZQMqFMqFXkrw%2FJ3x4x7DJJhQLChEnq2Hd7ZuRkvdT3MVww02yeF4EGpAlTQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 40cc4417-65bb-4c17-9a1a-60a0c4257542
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 22
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-mwcnr
access-control-allow-credentials: false
cf-ray: 8d97ba2ccc32d290-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 29ms
9ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

17d723709d3cf22819c1cd64ce6b2ecbd3171ca8ae113106b88b354145b33f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-md5: pGE/0yFczE/hh49jh8imKQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "24b92dd706903bbb33581ada5ddd0782"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:28:11 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: fb2a11cb504ea59472efe7578030bc82
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4418, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: CkeTYXZB7r18CSEXJiX0G+J0RBBJ8+VKJyzkw3u85tWOqYM2/E8k0o/Q684Zx0Brm3EpJd5M/W13j/Z8MYaT9w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 52ms
13ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Mon, 28 Oct 2024 03:09:28 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-muc13924-MUC
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 2 KB
1 KB 339ms
310ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?contentIds=151218727472&contentIds=167294604350&portalId=7048931&currentUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&contentId=181865102081

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66d13cdbe7155c99d0a046d9d9f2d5510c4acdb31032bc0f7b600d49bd3571a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: c6f442f2-7be8-4006-84dc-9df16ce74654
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbDcl%2FRfUxVyW487QFo8v9jjRbTiP4T9ivK5Wp00Nd6K%2Bhn6zz34gTOZzOhxTW1lM6eniELAO%2BN8HlEaiWBKtEHuY%2Ba282LPjJ9UJFXl9oBZGvvALueB01fjblY%2ByTZdL5rgfx7Vuhf5Y0b5vksGsppU2Wvktx4k4FA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: c6f442f2-7be8-4006-84dc-9df16ce74654
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-5p2sv
x-envoy-upstream-service-time: 18
access-control-allow-credentials: true
cf-ray: 8d97ba2c6cf871ac-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
content-length: 640
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 html Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/render/ 1 KB
2 KB 333ms
305ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/render/html?contentIds=151218727472&contentIds=167294604350&portalId=7048931&currentUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&contentId=181865102081&isHubspotPage=true

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8a52a29d96cfbd4f122661dbc14f5394eb73864746158e8c2a478ea7e6f7357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: c92e7488-ca6d-4b8f-a2ba-9e959ffe04dc
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwNGEahq3y0YknJXtVpnM9kESknRAPjZez0BY7G8PNjD5gTawZOepfxwOEgby1pyRcoTrP086j%2B1%2BxqwTAF%2BBbPo3cZH29YdNncQYbSYH6hdXQ94FDEqw6lfbI0OWJjeYJfdiOCm80hbK52W6wO1C0%2BKdYWNEosgsy8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: c92e7488-ca6d-4b8f-a2ba-9e959ffe04dc
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-8lhvp
x-envoy-upstream-service-time: 188
access-control-allow-credentials: true
cf-ray: 8d97ba2c6cf671ac-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
content-length: 725
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
453 B 199ms
190ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=7048931

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: d01cffcb-21c8-4d73-9d47-a5d77b59f1f9
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-methods: GET
x-content-type-options: no-sniff
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: d01cffcb-21c8-4d73-9d47-a5d77b59f1f9
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8d97ba2c4d2b1e51&resource=unknown"
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-ljl28
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
cf-ray: 8d97ba2c4d2b1e51-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670063733&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94d36389725742972c21bdd98cf45448b1ae4378e98f0424f3093f53235c88e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 28 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98042
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js Show response
cdn.mouseflow.com/projects/ 115 B
460 B 48ms
24ms Script
application/javascript 104.18.27.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.50 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d65e0bb2b93943ac7a72d8f70bda4f8931d6d07c9731bf28dc1d895c1dc4edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"66d71d3f-73"
age: 283492
x-mf-country: DE
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 Sep 2024 14:29:19 GMT
vary: Accept-Encoding
x-mf-continent: EU
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
cf-ray: 8d97ba2c7a2630f9-FRA
access-control-allow-origin: *
x-mf-script-region: enforced-privacy
server: cloudflare

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 59ms
11ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=74576
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Mon, 28 Oct 2024 03:09:28 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 90ms
34ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B331DEC534A44BE99C0E331AE4FD5521 Ref B: FRA31EDGE0817 Ref C: 2024-10-28T03:09:28Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 343 KB
111 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b684de47fc5d19de433e8fbf5b88e429fe6effe478970b31dafeb0dfc68286d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 28 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113392
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a00ac1e97469410d27c7807937a01a9fb37272970d20a0178bad424be0bdf6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fffcc1196c1beb2cd92264e3b6efe6fdebc9129610b8308987eff5d97ebab507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 open
t.visitorqueue.com/p/ 2 B
318 B 283ms
281ms Ping
text/plain 2600:9000:2490:c400:c:77c4:d500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.visitorqueue.com/p/open
Requested by: Host: t.visitorqueue.com
URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c400:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/plain
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: p9_zWBMbA88atjt_kxJBKDhfBmYIBS6F7Q2kzjfIvkR3cUlAqIXwCw==
access-control-allow-headers: *

GET
H2 200 open
t.visitorqueue.com/p/ 35 B
368 B 284ms
283ms Image
image/gif 2600:9000:2490:c400:c:77c4:d500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.visitorqueue.com/p/open?l=9&q=cGFnZVZpZXdJZD04ZDY0YzFmNi00OTU2LTRiMTctOTJjYS1hNDgzYjcxMGNkOTAmcGF0aE5hbWU9L3Jlc291cmNlL2Jsb2cvY3ZlLTIwMjQtNDc1NzUtZm9ydGltYW5hZ2VyLW1pc3NpbmctYXV0aGVudGljYXRpb24temVyby1kYXktdnVsbmVyYWJpbGl0eS1leHBsYWluZWQmdmlzaXRvcklkPTRjMWU1NTVlLTFmMDItNDBhMy1hMzY1LTc1ODA5MjQ0MzBiOSZ2aXNpdElkPTJkZDEzYWYyLTExYjctNDY0My1iYjRlLWJjMWIxYTZlMDg3NSZuZXdWaXNpdG9yPTEmYWNjZXNzZWRBdD0xNzMwMDg0OTY4JnZxVHJhY2tpbmdJZD02N2FiMGVlNy1mY2JhLTQwMGItOGNiMy1kYjdiYjFjYzAwMzMmb3JpZ2luPXd3dy5waWN1c3NlY3VyaXR5LmNvbSZzY3JpcHRWZXJzaW9uPTIuMy4xJnF1ZXJ5PT9oc3NfY2hhbm5lbD10dy0xMTI2Mjg2OTY0JnBhZ2VWaWV3Q291bnQ9MSZ2aXNpdFN0YXJ0PTE3MzAwODQ5Njg=
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c400:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: No-Store
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 35
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: image/gif
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 2RoefmkMcvFwofoEwKgeppqdsuhvjpgT1pW_58o1b3n6NgOQWvZbAQ==
access-control-allow-headers: *

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 10ms
10ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e37c7a30d84812a7028e03bcc7573eb5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

02bb5c76e58d33244885b55b5e4345654a07f6b1d66d92b43ba7e3179e130d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-md5: nncErkgHLIuekMJfRJj0HA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "50682cbfc7207649a6f1275f754e9bbf"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 01:37:40 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: d1dcfc6b3313edcdd7233871d1ee500c
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: xfVS1LuI5PUqtbhBi4khBkFxkpKc66H7IbUkChPL+KtqCB4iklPY6vhmSSW98iE9AHV6CxOleY2kDzokeejG3w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 82599
origin-agent-cluster: ?1

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2254 0
0 46ms
13ms Document
text/html 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.picussecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Mon, 28 Oct 2024 03:09:28 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-muc13978-MUC

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 550 KB
92 KB 61ms
20ms Script
application/javascript 2606:4700::6812:8d11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: 08a89532-3218-44ec-a123-55fc62b58626
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag: W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age: 33481
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: BKpwlJFPRjc5hiSPX-W1sGMhHeyQa0YjfeSELRUi6ki3xmmUtuGUWA==
x-hubspot-correlation-id: 08a89532-3218-44ec-a123-55fc62b58626
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 10:17:06 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-f7rdw
x-envoy-upstream-service-time: 1
x-hs-target-asset: lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8d05e40b29399749-ARN
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-ray: 8d97ba2cee563a9a-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7048931/ 86 KB
28 KB 72ms
33ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/7048931/banner.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7959e686f3668a5465c5eacedf2d57eb61675b5f8584fcb07114aa38b63d53b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 11fa2a7b-6267-4c28-b713-fc9e90bca7bf
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64a8130e9eaf229bc8c031f165093971"
x-amz-version-id: VmzTKp0hM3SnYqhhf.7T6p4d1BwNMaP8
age: 0
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Mon, 28 Oct 2024 03:14:28 GMT
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 11fa2a7b-6267-4c28-b713-fc9e90bca7bf
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:19:45 GMT
vary: origin, Accept-Encoding
x-amz-id-2: iHR6zfBL13/wlsUd8Lp7/dWsrUS8UNjxRBM42Wv0715QCH5HJOWs4sf9cDNzG6kcxevUs9XDokM=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-n6ddx
x-envoy-upstream-service-time: 115
access-control-allow-credentials: true
x-amz-request-id: VRHHXCDQJBSF4B6D
cf-ray: 8d97ba2cecb71cb5-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 7048931.js Show response
js.hs-analytics.net/analytics/1730084700000/ 68 KB
25 KB 118ms
78ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1730084700000/7048931.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2012aadea462fafe352402e17767e0f80b6407c288876a88052e478cc6e9466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-amz-server-side-encryption: AES256
x-request-id: fdc512a4-4302-4859-93d9-3b6ab6f33326
content-encoding: gzip
cf-cache-status: HIT
etag: W/"356e3cc64e9d8ebe47b1070958a9860b"
x-amz-version-id: null
age: 0
expires: Mon, 28 Oct 2024 03:14:28 GMT
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: fdc512a4-4302-4859-93d9-3b6ab6f33326
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:49:10 GMT
vary: origin, Accept-Encoding
x-amz-id-2: zAI64df2dx64Fr2Vyhz3KOfpoRocjCdPQ4APH9P3GjAxgb2DImxmaSn4+O1t6L2P+7utuJhUepI=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-hpb9z
x-envoy-upstream-service-time: 32
access-control-allow-credentials: false
x-amz-request-id: BH46G17ECHGNF0CJ
cf-ray: 8d97ba2cedfcd2c3-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 57ms
18ms Script
application/javascript 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-request-id: baf08f30-1da1-4d44-95f8-c652de846e27
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: _vUoUmuymk3IT7Uikz585Nn8PzBEJUsn
etag: W/"216a00fb66fa9b149d5f8b5557f0f563"
age: 467
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: btPowW7qEVO1ajRf-hxKydBynv3sLYTwTYcqXUUHpzxbP9Dal2tvxg==
x-hubspot-correlation-id: baf08f30-1da1-4d44-95f8-c652de846e27
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 10:34:35 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-xfx5g
x-envoy-upstream-service-time: 7
x-hs-target-asset: collected-forms-embed-js/static-1.885/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8d97aec66992d294-FRA
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
cf-ray: 8d97ba2ce8b6dcc5-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 57ms
17ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-evy-trace-virtual-host: all
x-request-id: 0290c45a-2609-4932-9f43-fcbdac1b0c73
content-encoding: gzip
cf-cache-status: HIT
etag: W/"efed4c800767ce92e6061f17ccc5987d"
x-amz-version-id: r.mCsQD_WlXWwN3xiO22xDXPwu0BfTog
age: 33
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: H3vYgKmaGRLRUEt4Y46lv29wZd3Q6wWM9BskYF7Rz_yq3ckSgvYclA==
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 0290c45a-2609-4932-9f43-fcbdac1b0c73
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:50:37 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-ljl28
x-envoy-upstream-service-time: 7
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18435/bundles/project.js&cfRay=8d97b95cb860dbaf-FRA
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
cf-ray: 8d97ba2cea4b9010-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18435/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 54ms
17ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-evy-trace-virtual-host: all
x-request-id: 31f4587d-e17d-43a4-b2ad-7f811c978215
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0df6051fb4e3e5c67b55de874a5fe993"
x-amz-version-id: KtgVA4GHJgyUOPf7T5TRgmfap.5FKp0l
age: 106
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: jMu9je18J0GEe9qgBEnJ1Z8NEBzz95xKcRCSZ_2UKJs__ZtyZDsETg==
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 31f4587d-e17d-43a4-b2ad-7f811c978215
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Oct 2024 14:24:42 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-ljl28
x-envoy-upstream-service-time: 5
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.605/bundles/pixels-release.js&cfRay=8d97b7949e8ddc92-FRA
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-ray: 8d97ba2cecf5daff-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.605/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
705 B 335ms
281ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 972BFC58DD6A4752A82A18C9B4F1527F Ref B: AMS04EDGE2610 Ref C: 2024-10-28T03:09:28Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYlgMv9xHeVKMqxsKspVg==
x-li-proto: http/2
access-control-allow-origin: https://www.picussecurity.com
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 250ms
195ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 00062580cbfbd5866a37c793d25792ea
x-msedge-ref: Ref A: 19A3DE57F99D41D4BB727B313D3FB7C7 Ref B: DUS30EDGE0309 Ref C: 2024-10-28T03:09:28Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlgMv71YZqN8eT0leS6g==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-da...

0
264 B

216ms
179ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&tm=gtmv2&e_ipv6=AQJdiaKTPShltQAAAZLRGZnXf1WLnuA7vGzjG2AiRQEmfnfET5WpkPkm835984J_zeW0rs-idQ
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2B9214E6216442A99617056F2311C9CE Ref B: FRAEDGE2022 Ref C: 2024-10-28T03:09:29Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlgMwEJz+0Dclp47LnqA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1730084968438&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&tm=gtmv2&e_ipv6=AQJdiaKTPShltQAAAZLRGZnXf1WLnuA7vGzjG2AiRQEmfnfET5WpkPkm835984J_zeW0rs-idQ
x-msedge-ref: Ref A: 7DE01DFCC8B64DB0B3BAB62E396CEB99 Ref B: AMS04EDGE2610 Ref C: 2024-10-28T03:09:28Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlgMwAl6C3ylnvE0VfLg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 28 Oct 2024 03:09:28 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
850 B 324ms
298ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: 361aee8f-7cc7-4d51-8bd0-cc78da9110c7
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 361aee8f-7cc7-4d51-8bd0-cc78da9110c7
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-75zsc
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8d97ba2d3e1a3a73-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
885 B 113ms
113ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: c87e77c7-1c21-47af-80f9-180c88acb5fc
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: c87e77c7-1c21-47af-80f9-180c88acb5fc
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-g8b2n
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8d97ba2d5e2c3a73-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 187145243.js Show response
bat.bing.com/p/action/ 2 KB
975 B 32ms
32ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187145243.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

373819462e59557a0cbe523389ce18a1681a2ffeaebc4a3ea24951694cba75ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E0F29201BDC416D891506EDEC63C402 Ref B: FRA31EDGE0817 Ref C: 2024-10-28T03:09:28Z
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 modules.67d7d905831ab88336d0.js Show response
script.hotjar.com/ 221 KB
55 KB 36ms
9ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.67d7d905831ab88336d0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2366058.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
content-encoding: br
etag: "6e5092134a127e6f8514c54f7a9125c5"
age: 303801
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 16VwG2tyFqonbpNzyrNN4S5gCOpeNKVITP3lKlhPq3-H_DhT53BOzw==
date: Thu, 24 Oct 2024 14:46:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 14:45:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56085
x-amz-cf-pop: FRA60-P9

GET
H3 200 widget Show response
www.picussecurity.com/_hcms/livechat/ 387 B
1 KB 167ms
167ms XHR
application/json 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/livechat/widget?portalId=7048931&conversations-embed=static-1.18435&mobile=false&messagesUtk=9372331c99d745ffbb103d6863a8b753&traceId=9372331c99d745ffbb103d6863a8b753

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7682802f498d1a1e18aeed9cd0835877313667f442a6e15f01d434065bff102

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwzAY%2B24VStNmpkpCFOpRX5LnCXHOAFD5LfkhbWXk5IC7n5vptpgAKDrUjc3YU7OWOzVwicRp1XSYvHPI8fGzQgXDxBK1Z3qYmBAuCD7u64fscvZgVUV%2FW3e6fCcn2d8jS4Ghu7dpg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: c895c8e2-dfbb-41b0-8e78-c91d432a1ded
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8d97ba2d6d14d290-FRA
server: cloudflare

OPTIONS
H2 200 view
js.hs-banner.com/v2/activity/ Frame 0
0 105ms
105ms Preflight
application/octet-stream 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.picussecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.picussecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8d97ba2db8b5dbf0-FRA
content-length: 0
content-type: application/octet-stream
date: Mon, 28 Oct 2024 03:09:28 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-gnlrf
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 4126cc86-b6d5-4dce-8813-5ebf3706d47a
x-request-id: 4126cc86-b6d5-4dce-8813-5ebf3706d47a

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
145 B 34ms
17ms Fetch
text/plain 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/7048931/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: private, max-age=1500
cf-ray: 8d97ba2d989fdbf0-FRA
access-control-allow-origin: *
content-length: 2
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc00fa2bd200ddd72f9d14cb184c078b5a6154a7beaabb114007663d05677726

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 28 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 114331
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 62ms
24ms Ping
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&scrsrc=www.googletagmanager.com&frm=0&rnd=477241363.1730084969&npa=1&gtm=45He4ao0v837849470za200&gcs=G100&gcd=13q3q3q2q5l1&dma_cps=-&dma=1&tag_exp=101533422~101823847&tft=1730084968561&tfd=2001&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 62ms
21ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DB6MKXQ2E6&gtm=45je4ao0v872608557za200zb837849470&_p=1730084967503&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101533421~101823848&gdid=dZTQ1Zm&cid=1807736532.1730084969&ul=de-de&sr=1600x1200&ir=1&are=1&frm=0&pscdl=denied&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=BA&_s=1&dl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&sid=1730084968&sct=1&seg=0&dt=CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained&en=page_view&_fv=1&_ss=1&ep.page_location_clean=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&ep.anonymizeIp=true&tfd=2022
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.picussecurity.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 114 B
810 B 146ms
127ms XHR
application/json 2606:4700::6812:f46c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7048931

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109a14abac939df0ab29af6bbf5c0ca592b1cdf7adb33a0052f166c8b303bc37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Rc752Z2IsOPwTrYDF%2FclD6vRGNx7cl6nXJqlS2pgEeVYnp6wd%2FYZSCYGjQDalBiPhzCTOv1lxFtmlLb9bqS2ZftXddD4b6WbuJBcp%2FH8WEGv9OJ3%2BupNszG2YIjT9MJZFb57dbw64VR4cPz"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: b1d4c456-8831-4b89-897e-808723161031
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8d97ba2dce689bac-FRA
access-control-allow-origin: https://www.picussecurity.com
server: cloudflare

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
479 B 23ms
23ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/7048931/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

ce1eade43de61291fb7e1708bdbe373f955aa88e54e9c894fa6ab1ed455ab1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 01:56:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 204 view
js.hs-banner.com/v2/activity/ 0
0 131ms
130ms Fetch 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/v2/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/7048931/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-max-age: 604800
x-request-id: 17ab5acc-8ed5-499c-9d0a-a89ee5557b05
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_http, listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 17ab5acc-8ed5-499c-9d0a-a89ee5557b05
vary: origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-evy-trace-served-by-pod: iad02/private-hubapi-td/envoy-proxy-6c46cd57d4-m7bb6, iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-2flsp
timing-allow-origin: *
x-envoy-upstream-service-time: 26
access-control-allow-credentials: true
cf-ray: 8d97ba2e596cdbf0-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_http/all, listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all, all

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame EA9A 0
0 56ms
13ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.picussecurity.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-670063733&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 458044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Oct 2024 19:55:24 GMT
expires: Wed, 22 Oct 2025 19:55:24 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
434 B 118ms
116ms XHR
application/json 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7048931&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af58bcdda4bce4a998c3c1d32d5a6bbebd8ef7c7007e8888531cb493cc9f64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 1118e3c1-51db-4f0e-ba47-9de11c87d8b5
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 1118e3c1-51db-4f0e-ba47-9de11c87d8b5
content-type: application/json;charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: *
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-4dfvf
x-envoy-upstream-service-time: 9
cf-ray: 8d97ba2dfa0adcc5-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 26ms
25ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://fonts.googleapis.com/

Response headers

age: 470814
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:22:34 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 27ms
27ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.picussecurity.com
Referer: https://fonts.googleapis.com/

Response headers

age: 471123
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:17:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:17:25 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

POST
H2 204 0
bat.bing.net/actionp/ 0
346 B 142ms
69ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=187145243&tm=gtm002&Ver=2&mid=6cbeeea2-1d95-4e50-ad11-6c677708b9c0&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C6F00CBB8D34BB2951A814B0E997884 Ref B: AMS04EDGE3615 Ref C: 2024-10-28T03:09:28Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 143ms
70ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=187145243&tm=gtm002&Ver=2&mid=6cbeeea2-1d95-4e50-ad11-6c677708b9c0&bo=2&evt=gtmConsent&gasc=D&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E66A54A95614328A126227F3BDC43BB Ref B: AMS04EDGE3615 Ref C: 2024-10-28T03:09:28Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
120 B 157ms
85ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=187145243&tm=gtm002&Ver=2&mid=6cbeeea2-1d95-4e50-ad11-6c677708b9c0&bo=3&evt=consent&src=update&cdb=AQAQ&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10C3DE2A90634C4E95FB2F591CD49525 Ref B: AMS04EDGE3615 Ref C: 2024-10-28T03:09:28Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT

GET
H2 200 187145243 Show response
bat.bing.com/p/insights/t/ 765 B
920 B 115ms
113ms Script
application/x-javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/187145243

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/187145243.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2032c262cc5ffe9e7040267bd22a5677b7134254b1ccacb84ef3a6ee4e1c29f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9309CA1C6E854A0CAD9B6FB97D3A3CAC Ref B: FRA31EDGE0817 Ref C: 2024-10-28T03:09:28Z
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 639
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-azure-ref: 20241028T030928Z-16465dc7448nwf9ln6y2gcd90n00000002n000000000ar0q

GET
H2 204 0
bat.bing.net/action/ 0
121 B 171ms
98ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=187145243&tm=gtm002&Ver=2&mid=6cbeeea2-1d95-4e50-ad11-6c677708b9c0&bo=4&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained&p=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&r=&lt=1792&evt=pageLoad&sv=1&asc=D&cdb=AQAQ&rn=967383
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04EF5E8B22544FD8864F77D33352BD8A Ref B: AMS04EDGE3615 Ref C: 2024-10-28T03:09:28Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 114ms
111ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: 49761035-7303-4635-8b2e-8a7a2ee9a6d5
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 49761035-7303-4635-8b2e-8a7a2ee9a6d5
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-75zsc
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8d97ba2eaea03a73-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
0 0ms
0ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=74576
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Mon, 28 Oct 2024 03:09:28 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 127ms
112ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=inline-interactive-render-success&value=1

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: cb15350f-4990-40be-bd3e-98368cb2b6cc
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: cb15350f-4990-40be-bd3e-98368cb2b6cc
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Mon, 28 Oct 2024 03:09:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-g8b2n
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8d97ba2edeab3a73-FRA
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 155ms
143ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: c4f59ae7-fedb-4c5a-9202-e03e971f5dc8
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: c4f59ae7-fedb-4c5a-9202-e03e971f5dc8
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Mon, 28 Oct 2024 03:09:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-w2dmb
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8d97ba2edeae3a73-FRA
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2

200

blank001.gif
static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/
Redirect Chain

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=286429421129&containerType=EMBEDDED&portalId=7048931&audienceId=null&pageUrl=https%3A%2F%2Fwww.picussecur...
https://static.hubspot.com/img/trackers/blank001.gif
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

43 B
599 B

16ms
16ms

Image
image/gif

2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Server

2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cf-bgj: imgq:85,h2pri
etag: "51416c7ff0b9d7efc8c9b16d84052fab"
age: 378601
cf-cache-status: HIT
x-amz-version-id: MFfZlkR4U8_6aknbgflTSIqo4fNbniK3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzZFVkB%2Bk1GBZjwLwccJI5lw0w%2BQEFMBUz4uw1trQOmE4iNX85tf2pFc%2Bt5SW2HTSzywPrni50rIoHkDOLv3teAKpBkWn7qj0%2FfeRjRYhhbn7iSMOwO1h9nfRJAsfTcl7KK8ohNRNu9bzaLQih%2F2lqQqBoI%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:28 GMT
cf-polished: origSize=49, status=webp_bigger
x-cache: Hit from cloudfront
x-amz-cf-id: 23Zy5ALk-1JTMOx3DAur5zXmVnRR_lEhSTCQnQW192dNb1mjg30W0w==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: image/gif
last-modified: Thu, 15 Apr 2021 16:47:19 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront)
cf-ray: 8d97ba2fae19d20b-FRA
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
location: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dN25MgP10os2g9qhMbmN1EBzpC07uTQkSCIddlTtQHesvrCElV2QL6i6EwocMXtjlIOL8hmvC%2FOPxZkql5s8ooZLiuyV%2F6X84xqBR%2FLj%2F3%2BV5MSfq2IHgrzSffd4r3vCTjBN1yRZWKXXRIDVm%2FXcDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d97ba2f8ed01e51-FRA
expires: Mon, 28 Oct 2024 04:09:28 GMT
content-length: 167
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2

200

blank001.gif
static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/
Redirect Chain

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=329186393359&containerType=EMBEDDED&portalId=7048931&audienceId=null&campaignId=84455ffb-b6cc-45fd-915d-e...
https://static.hubspot.com/img/trackers/blank001.gif
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

43 B
0

16ms
16ms

Image
image/gif

2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
Protocol: H2
Server: 2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cf-bgj: imgq:85,h2pri
etag: "51416c7ff0b9d7efc8c9b16d84052fab"
age: 378601
cf-cache-status: HIT
x-amz-version-id: MFfZlkR4U8_6aknbgflTSIqo4fNbniK3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzZFVkB%2Bk1GBZjwLwccJI5lw0w%2BQEFMBUz4uw1trQOmE4iNX85tf2pFc%2Bt5SW2HTSzywPrni50rIoHkDOLv3teAKpBkWn7qj0%2FfeRjRYhhbn7iSMOwO1h9nfRJAsfTcl7KK8ohNRNu9bzaLQih%2F2lqQqBoI%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 03:09:28 GMT
cf-polished: origSize=49, status=webp_bigger
x-cache: Hit from cloudfront
x-amz-cf-id: 23Zy5ALk-1JTMOx3DAur5zXmVnRR_lEhSTCQnQW192dNb1mjg30W0w==
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: image/gif
last-modified: Thu, 15 Apr 2021 16:47:19 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront)
cf-ray: 8d97ba2fae19d20b-FRA
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: max-age=3600
location: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dN25MgP10os2g9qhMbmN1EBzpC07uTQkSCIddlTtQHesvrCElV2QL6i6EwocMXtjlIOL8hmvC%2FOPxZkql5s8ooZLiuyV%2F6X84xqBR%2FLj%2F3%2BV5MSfq2IHgrzSffd4r3vCTjBN1yRZWKXXRIDVm%2FXcDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d97ba2f8ed01e51-FRA
expires: Mon, 28 Oct 2024 04:09:28 GMT
content-length: 167
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
538 B 117ms
116ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: 765bc059-83e4-4584-8215-82f104574310
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:28 GMT
x-hubspot-correlation-id: 765bc059-83e4-4584-8215-82f104574310
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-xvq5n
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8d97ba2ecea53a73-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 0.7.49 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 34ms
33ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.49

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187145243

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1f8f7541a2982d7df75f73d0234a3f2afdc8302f361078f883d25a3a574bae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
x-ms-version: 2018-03-28
etag: W/"0x8DCF3CA1B8E5043"
x-fd-int-roxy-purgeid: 51562430
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT
content-type: application/javascript;charset=utf-8
last-modified: Thu, 24 Oct 2024 01:20:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE6D82740D004C32B6E0D947518B459E Ref B: FRA31EDGE0817 Ref C: 2024-10-28T03:09:28Z
x-ms-request-id: 29c9dc10-501e-0064-3454-28df43000000
access-control-allow-origin: *
content-length: 15261
x-azure-ref: 20241028T030928Z-16465dc74487wjxt65nd8865qg000000035g0000000084h7

POST
H2 204 s Show response
bat.bing.com/p/insights/c/ 0
213 B 106ms
105ms XHR
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/s

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.49

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-webinsights-gzip
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07172251574B4B21A136685480FFF789 Ref B: FRA31EDGE0817 Ref C: 2024-10-28T03:09:28Z
access-control-allow-credentials: true
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
access-control-allow-origin: https://www.picussecurity.com
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 03:09:28 GMT
vary: Origin

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
704 B 67ms
19ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 78.159.108.31; 78.159.108.31; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.picussecurity.com
an-x-request-uuid: 38838e57-21ed-4e93-94ce-01cebd283e48
content-length: 11
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 28 Oct 2024 03:09:29 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 / Show response
c.6sc.co/ 7 B
197 B 44ms
8ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.picussecurity.com
content-length: 7
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: text/html
access-control-allow-headers: *

GET
H2 200 / Show response
ipv6.6sc.co/ 21 B
316 B 129ms
10ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2155861fca93c65061326c2853aacb039113673a3b669c826895148585d0775d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
pragma: no-cache
6si-ipv6: 2a00:c98:2f00:20:a::2
expires: Mon, 28 Oct 2024 03:09:29 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730084969262_388391900_1396628371_32_1309_7_80_219";dur=1
access-control-allow-origin: https://www.picussecurity.com
content-length: 21
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: text/html
vary: Origin

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
604 B 132ms
122ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=7048931&pi=181865102081&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&cpi=181865102081&cgi=35190412163&lpi=181865102081&lvi=181865102081&lvc=en-us&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&t=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&cts=1730084969244&vi=1103bff039d975938db4834a50eaee78&nc=true&u=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&b=51282614.1.1730084969241&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: 557cff93-91e3-4f54-9258-721d06cb7e30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cze%2Bm%2FqYjInBEOqUH%2FJpcUfy%2BR%2F8XksN4iWnJTj1q3k8xaoLrEltMd3kjAHGGp2cGCdZAeEjXeil8wNkUR5YfN1UoGJNajnJ9t7Vj8%2F5%2BV5p3Aj2y%2BPRS5i8xrAx0cSuTP2jBTH8T7oZKDfcPI67"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 28 Oct 2024 03:09:29 GMT
x-hubspot-correlation-id: 557cff93-91e3-4f54-9258-721d06cb7e30
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-5w579
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8d97ba31efdd1e51-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
531 B 133ms
128ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=be679887-a840-43a8-9823-880a9189271d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=7048931&pi=181865102081&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&cpi=181865102081&cgi=35190412163&lpi=181865102081&lvi=181865102081&lvc=en-us&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&t=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&cts=1730084969245&vi=1103bff039d975938db4834a50eaee78&nc=true&u=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&b=51282614.1.1730084969241&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: bddbdf00-2191-4e6c-a2fd-6a85bfc9df48
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKkh94Lxhy6omrU71%2BPCgM2ZWjUWFDLP%2BnW0Lh0acukNCFEOWS4WgghrDcN4rSLLq%2FdScRyKmhmTHQQBjpspUJ%2FEsQAyRuu%2FElZdVUuB4xWxcMeCS0JcPNPyhY%2BqsWo%2F%2BWLvi%2BYSDkBVeUDbVw9c"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 28 Oct 2024 03:09:29 GMT
x-hubspot-correlation-id: bddbdf00-2191-4e6c-a2fd-6a85bfc9df48
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-swzpx
x-envoy-upstream-service-time: 7
access-control-allow-credentials: false
cf-ray: 8d97ba31efdb1e51-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
440 B 126ms
125ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=957aef49-8488-49ff-9665-7e729d69db29&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=7048931&pi=181865102081&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained&cpi=181865102081&cgi=35190412163&lpi=181865102081&lvi=181865102081&lvc=en-us&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&t=CVE-2024-47575%3A+FortiManager+Missing+Authentication+Zero-Day+Vulnerability+Explained&cts=1730084969246&vi=1103bff039d975938db4834a50eaee78&nc=true&u=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&b=51282614.1.1730084969241&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
x-request-id: 8ccbd1f9-3e24-461f-bba9-f9f59af2893e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRr873nMbXhirEXP3YJ%2B62TVRg6HlrG3QmR9lv%2FyNAu4OLdUHczbq1ULps0NqEg3FeiBC4B38Kmr1f%2BN5SeDvAJW1ny%2B0%2BarR5onxflPbp1SNyGD8iIHZwqCRqwXZh1gwUE9VWCcHPdcEY5QNxmm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 28 Oct 2024 03:09:29 GMT
x-hubspot-correlation-id: 8ccbd1f9-3e24-461f-bba9-f9f59af2893e
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-n9p7f
x-envoy-upstream-service-time: 6
access-control-allow-credentials: false
cf-ray: 8d97ba31efdc1e51-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 64d678615e3d0 Show response
display.popt.in/api/display/ 2 KB
1 KB 839ms
755ms XHR
application/json 172.67.166.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/api/display/64d678615e3d0?domain=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.elsa2bw2trr%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained&origin_landing_page=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.166.202 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5e488d62c15f3f9f1fd1703800c796bcc163b1067d571956c40c484fcd1c3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com https://*.grisynava.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exQisB18l34U%2Bk4OcJgs3fsPXgUKm2Wb4oXezcIaRdbJKic7AGCBl0fbWiqjpTR4jyBs5xRuIB1JbuOMKKS9GcgrnCaWszMOtHDl%2BarJhoYFc0kf7nTr98lTtMZoMgFocyY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13983&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4198&recv_bytes=5342&delivery_rate=705&cwnd=12000&unsent_bytes=0&cid=59b5465cd153faf1&ts=813&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 28 Oct 2024 03:09:30 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8d97ba327ee46d7a-MUC
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 favicon.ico
www.picussecurity.com/hubfs/Picus_February2020/images/ 15 KB
3 KB 31ms
30ms Other
image/vnd.microsoft.icon 199.60.103.29
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hubfs/Picus_February2020/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.29 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5242ab5df4690e1c975cefd6c70bc7f19037060288e9254c16b3ea0b07f3b222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"02925aef9384fc19f8c138ed9d04e72f"
age: 402961
cache-tag: F-25850183661,FD-25847619727,P-7048931,FLS-ALL
x-amz-version-id: GPbuCeGk..cIOQ1w6ZV9XsM2rrDBylkN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkFm5VY7b9oUZin00vRWZZg%2FdefNHmZ1HyVCN6mHRWzJUvSRsGrJ4xPg1hJ870sXH5XfDPrFs72JQ10QTUssMRMYh48DNE0uBpB38AipyPhlFptlx9DFsBpBuvjl%2Bfuvazs%2BsEDnPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6QBWzqoWp-8oJNaDWQqtCH2fFZAdk4d6ou4ntg_gs2tOUbcUBvjFmg==
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 14 Feb 2020 06:16:24 GMT
vary: Accept-Encoding
x-amz-id-2: fwOxQvbIPjaVkKe/RBXJrhw7RcjcJNQj68KcVGTBODNfIwZsXp+p9jHFKkqZyvYoYeeWyQvFlac=
strict-transport-security: max-age=31536000; includeSubDomains; preload
edge-cache-tag: F-25850183661,FD-25847619727,P-7048931,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-ray: 8d97ba31eab9d290-FRA
x-amz-request-id: HBQ3Y80CFF9KQ1QJ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
access-control-allow-origin: *
x-amz-meta-cache-tag: F-25850183661,FD-25847619727,P-7048931,FLS-ALL
x-amz-cf-pop: FRA60-P7
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
931 B 172ms
162ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7048931&utk=1103bff039d975938db4834a50eaee78&__hstc=51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1&__hssc=51282614.1.1730084969241&contentId=181865102081&currentUrl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cee6b8933ce903efd76eba8aaffcb87df20bb143f6bd5be66acfdd3da04662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: fd50e0d4-ff66-4f40-8388-960ebdf4d269
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiRKc3gF2BV4pLSoc3iV2TIfPObwwyB%2BfQh4Lh4dZK9GVvEgE2sJX3uUxoHWk3pyEql%2FKwU%2BH2aj6jLG1Wi3Ez%2FGHQIPjLZSF2mhe5sI2jTRSJo6t4W32PqtxWw8WLUkYri1gTWb21prH66d%2FN6e"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_https
date: Mon, 28 Oct 2024 03:09:29 GMT
x-hubspot-correlation-id: fd50e0d4-ff66-4f40-8388-960ebdf4d269
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-75zsc
x-envoy-upstream-service-time: 49
access-control-allow-credentials: false
cf-ray: 8d97ba322f1d71ac-FRA
access-control-allow-origin: https://www.picussecurity.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 135ms
109ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f02dad-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:29 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 155ms
129ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2271d66052351c031c506efc6194814a69%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2284665a242656c44c19a4dc3e471bb3355e53cba3%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%228aaca2fd-5cd9-4888-ba4c-a92130465f35%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "5e502810-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:29 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: image/gif
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 106ms
106ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&ipv6=2a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "615ccf10-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:29 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: image/gif
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)

OPTIONS
H2 200 details
eps.6sc.co/v3/company/ Frame 0
0 42ms
9ms Preflight 75.2.108.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.picussecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.picussecurity.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
content-length: 0
date: Mon, 28 Oct 2024 03:09:29 GMT
timing-allow-origin: https://6sense.com
x-6si-region

GET
H2 200 details Show response
eps.6sc.co/v3/company/ 760 B
667 B 55ms
36ms XHR
application/json 75.2.108.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eps.6sc.co/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afe865822f884bb48.awsglobalaccelerator.com
Software: /
Resource Hash: 65a1c8e40f97a72622872b33032cc16d98c9cd61c56d1fe897a0ded9a7375dc4

Request headers

Authorization: Token 84665a242656c44c19a4dc3e471bb3355e53cba3
X-6s-CustomID: WebTag 8aaca2fd-5cd9-4888-ba4c-a92130465f35
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-6si-Region
timing-allow-origin: https://6sense.com
content-encoding: gzip
x-6si-region
access-control-allow-credentials: true
access-control-allow-origin: https://www.picussecurity.com
content-length: 404
date: Mon, 28 Oct 2024 03:09:29 GMT
content-type: application/json
vary: Origin, Accept-Encoding

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 107ms
106ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A28%20GMT%22%2C%22timeSpent%22%3A%222007%22%2C%22totalTimeSpent%22%3A%222007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&ipv6=2a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f020a0-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:30 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:30 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 106ms
106ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&ipv6=2a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "60bb2e15-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:31 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:31 GMT
content-type: image/gif
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 107ms
107ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A31%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&ipv6=2a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "615ccf10-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:32 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:32 GMT
content-type: image/gif
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 105ms
105ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=71d66052351c031c506efc6194814a69&svisitor=null&visitor=ecd9ce67-f2f5-4610-88a0-0be09191f1aa&session=14b6217c-776b-4b77-8705-6b9423876d98&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2028%20Oct%202024%2003%3A09%3A32%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20CVE-2024-47575%2C%20a%20critical%20FortiManager%20zero-day%20vulnerability%20allowing%20attackers%20to%20exploit%20missing%20authentication.%20Discover%20the%20impact%20and%20mitigation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CVE-2024-47575%3A%20FortiManager%20Missing%20Authentication%20Zero-Day%20Vulnerability%20Explained%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fcve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained%3Fhss_channel%3Dtw-1126286964&pageViewId=960c5435-10a8-484f-8cca-cda0f96e0708&an_uid=0&webTagId=8aaca2fd-5cd9-4888-ba4c-a92130465f35&ipv6=2a00%3Ac98%3A2f00%3A20%3Aa%3A%3A2&v=1.1.29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "615ccf10-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 03:09:33 GMT
accept-ranges: bytes
content-length: 43
date: Mon, 28 Oct 2024 03:09:33 GMT
content-type: image/gif
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.picussecurity.com/	1970-01-21 00:34:46	Name: __cf_bm Value: MXQHzp6oU991mAVRNrS2UuO_P_uxUEhvYZw_p.HJOUM-1730084967-1.0.1.1-DUp4PSjL4CjrVLyIpqSY9Esak3KCWgPIlFk4dvIYVx4UX4WJHjmXRlvF8Lp4AGYQnR3YaWvMxPRy_tLuU7Zu7w
.www.picussecurity.com/	1969-12-31 23:59:59	Name: __cfruid Value: 34095dd3226ca921be3e0a189e1e5952128e0698-1730084967
.hubspot.com/	1970-01-21 00:34:46	Name: __cf_bm Value: JFGUmJps1uLU_dzuX75mc1scoM.71B.tk41wmaFkJoc-1730084968-1.0.1.1-6TULuf00.4PwEhyY9h8mh9e85Jpm_8RP1CK2iR9F3g_Lm2rsOGPKwQe95_w3kUZRpA756csv2fEixTvsSpXhTQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hemCS3ELCkoJTXy0odY8nA2G.3fCDS1DFNSfWqsA0gU-1730084968083-0.0.1.1-604800000
.picussecurity.com/	1969-12-31 23:59:59	Name: traffic_start_page Value: https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained?hss_channel=tw-1126286964
.picussecurity.com/	1970-01-21 00:34:48	Name: MF69CXJ-OZ2jFJm35 Value: :::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MF6JIbbIciiT7 Value: :::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MF6JIbbJSfd Value: :::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MF6JIbbCSRZlD Value: :::2
.picussecurity.com/	1970-01-21 10:10:44	Name: MFVaCk Value: 1:::2
.picussecurity.com/	1970-01-21 10:10:44	Name: MFVaKX5 Value: 4c1e555e-1f02-40a3-a365-7580924430b9:::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MFVaKkbIhOik Value: 1730084968:::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MFVaKk-5 Value: 2dd13af2-11b7-4643-bb4e-bc1b1a6e0875:::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MFVaEkb4ciek Value: 1:::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MFVaEk-5 Value: 8d64c1f6-4956-4b17-92ca-a483b710cd90:::2
.picussecurity.com/	1970-01-21 00:34:48	Name: MFVaEkbIhOik Value: 1730084968:::2
.picussecurity.com/	1970-01-21 09:20:20	Name: _hjSessionUser_2366058 Value: eyJpZCI6IjFjNzI1ZjMxLWI5YzgtNWRjOC1hMTQ4LTZiNzY5OTVkM2NjZCIsImNyZWF0ZWQiOjE3MzAwODQ5Njg3MDQsImV4aXN0aW5nIjpmYWxzZX0=
.picussecurity.com/	1970-01-21 00:34:46	Name: _hjSession_2366058 Value: eyJpZCI6IjhkNjRlYjhmLTkzZjYtNGJkNi04NjhiLWFiMWIxY2ZlY2RmMSIsImMiOjE3MzAwODQ5Njg3MDUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.hsforms.com/	1970-01-21 00:34:46	Name: __cf_bm Value: VCKLJnsYJZkrZA.6Xe6UdFrLNogFjznOMKmaLwHD0Vw-1730084968-1.0.1.1-J8qLn9i346xNEvbRB4Nj21mGeoZLIVPvPQ_Jr2nkwwOR7vt75NhFrgEouMCeGtysgt9IM4BeJKEFvgwLVm_QFA
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6e7Pz4PY5.SJmW5Tg5XlRmk1CGs6OcFWgCjFuTrY0TU-1730084968801-0.0.1.1-604800000
.linkedin.com/	1970-01-21 09:20:20	Name: bcookie Value: "v=2&fc216fa3-ae0d-4786-873a-12a258f53563"
.linkedin.com/	1970-01-21 04:53:56	Name: li_gc Value: MTswOzE3MzAwODQ5Njg7MjswMjHeSJBY2rSeVViBvDqJ6JdmAkWksmSzk6/TX/9jsAFrDg==
.linkedin.com/	1970-01-21 00:36:11	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=3113:u=1:x=1:i=1730084968:t=1730171368:v=2:sig=AQH1cxcMDzVLPOK5EQNZz6c1qB_DLHAT"
www.picussecurity.com/	1970-01-21 00:37:37	Name: poptin_old_user Value: true
www.picussecurity.com/	1970-01-21 09:20:20	Name: poptin_user_id Value: 0.elsa2bw2trr
www.picussecurity.com/	1970-01-21 00:34:45	Name: poptin_previous_url Value:
.picussecurity.com/	1970-01-21 04:53:56	Name: __hstc Value: 51282614.1103bff039d975938db4834a50eaee78.1730084969241.1730084969241.1730084969241.1
.picussecurity.com/	1970-01-21 04:53:56	Name: hubspotutk Value: 1103bff039d975938db4834a50eaee78
.picussecurity.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.picussecurity.com/	1970-01-21 00:34:46	Name: __hssc Value: 51282614.1.1730084969241
.adnxs.com/	1970-01-21 10:10:44	Name: receive-cookie-deprecation Value: 1
www.picussecurity.com/	1970-01-21 00:44:49	Name: _an_uid Value: 0
www.picussecurity.com/	1970-01-21 10:10:44	Name: _gd_visitor Value: ecd9ce67-f2f5-4610-88a0-0be09191f1aa
www.picussecurity.com/	1970-01-21 00:34:59	Name: _gd_session Value: 14b6217c-776b-4b77-8705-6b9423876d98
www.picussecurity.com/	1970-01-21 09:20:20	Name: poptin_user_ip Value: 78.159.108.31
www.picussecurity.com/	1970-01-21 09:20:20	Name: poptin_user_country_code Value: false
www.picussecurity.com/	1970-01-21 01:17:56	Name: poptin_session_account_613f053dd8506 Value: true
www.picussecurity.com/	1970-01-21 00:34:46	Name: poptin_session Value: true
www.picussecurity.com/	1970-01-21 01:17:56	Name: poptin_c_visitor Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39666904.fs1.hubspotusercontent-na1.net
7048931.fs1.hubspotusercontent-na1.net
api.hubapi.com
app.hubspot.com
b.6sc.co
bat.bing.com
bat.bing.net
c.6sc.co
cdn.mouseflow.com
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
cta-service-cms2.hubspot.com
d10lpsik1i8c69.cloudfront.net
display.popt.in
eps.6sc.co
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
p.visitorqueue.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
secure.adnxs.com
settings.luckyorange.net
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
static.hubspot.com
t.visitorqueue.com
track.hubspot.com
www.googletagmanager.com
www.picussecurity.com
104.17.25.14
104.18.27.50
104.18.80.204
104.26.11.16
13.107.42.14
13.33.187.74
142.250.184.195
142.250.184.234
142.250.186.66
143.204.205.219
157.240.251.9
172.67.166.202
18.66.102.11
185.89.210.141
199.232.188.157
199.60.103.29
2.17.100.193
2001:4860:4802:34::36
2600:9000:2490:c400:c:77c4:d500:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:4700:4400::6812:28f0
2606:4700:4400::6812:297c
2606:4700::6810:4e8e
2606:4700::6810:6bfe
2606:4700::6810:7674
2606:4700::6811:80ac
2606:4700::6811:ae5b
2606:4700::6811:afc9
2606:4700::6812:8d11
2606:4700::6812:f46c
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:811::2008
2a00:1450:4001:831::200a
2a02:26f0:3500:10::210:a9a
2a02:26f0:480:23::1726:629c
3.97.61.133
75.2.108.141
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
02bb5c76e58d33244885b55b5e4345654a07f6b1d66d92b43ba7e3179e130d47
041685b0e5a31c63c4c06ffc86484bdd0c56100f1f0b36c91571e6a00bcec715
053c8c8b674efe7ec857eeacd8e075c8448330ac932a374cd01d109f008b5194
0af58bcdda4bce4a998c3c1d32d5a6bbebd8ef7c7007e8888531cb493cc9f64b
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d24d7930883c81a956a8d25026d6befdf264a901da8570a7fa27b6db580c2bf
0d65e0bb2b93943ac7a72d8f70bda4f8931d6d07c9731bf28dc1d895c1dc4edf
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
109a14abac939df0ab29af6bbf5c0ca592b1cdf7adb33a0052f166c8b303bc37
115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17d723709d3cf22819c1cd64ce6b2ecbd3171ca8ae113106b88b354145b33f85
1cee6b8933ce903efd76eba8aaffcb87df20bb143f6bd5be66acfdd3da04662f
2032c262cc5ffe9e7040267bd22a5677b7134254b1ccacb84ef3a6ee4e1c29f1
21036da1013e88ad1be39946746a916786b081557a7a72b6a194c153c175aa59
2155861fca93c65061326c2853aacb039113673a3b669c826895148585d0775d
228f08d7d79b9a75e9df18997ee260c139fe2d538924d5f05037e047d3f41d38
2d042ae177f7d076320fa923d0bfc2d3f831e3dacec0ff6fffc1328d4e36f2f9
2e095c77cbc278604a08136ba272382190c0c7a12a26777a33ca20fafbb59186
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0
373819462e59557a0cbe523389ce18a1681a2ffeaebc4a3ea24951694cba75ff
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463
4071465b2c0223da0e296a2d9ed8fbec379caa2d8eccacf96113afa481d7714a
42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e
43ffc04fc9feaf3e018ef29811c774bd365508ef79d33f9e63c5156a6fc90bf8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a2a5f4391b8fe1d066daaecf021ebd2ab58f75d811284a1475e2f9e86d3a6
4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107
4a948cad1525b333f4615fb0203e3dcf4a5fdef9409adb657fceeab1dcb37f7d
4b10ed849684d1d7752b60848316f4db37f8845c68e43f07df2bef44262684b0
4bf7bbe2ff34569ca8208b5df957ae1bd37d2403d378146fb4e993155cb9820d
4c92a856ef5f00e2ac59b76a4960d24a2dc57e80fe559acaabf141494ef00081
4d853f486dc84fdc7d1b073cbe0567f4ad79b211fc28ed46186bbb0c8cd1ad26
5242ab5df4690e1c975cefd6c70bc7f19037060288e9254c16b3ea0b07f3b222
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910
55ad4ae907116ad35b297435591c83d061a169558958b460855b1e7563e02cc8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5b7290b38b86182592c3a60c491c3a977318c034959142a61d92a75025b3c334
5f2662d3a952503f1a49334a9436df710115bffcb783697a5c6e85f8d5883d1c
616a7f16e89518adbc89002f178ebfac5756fc3e96ca30a807ce65ee0e7e4530
62553d159189834af73c9a6264704be5b2bee9a08da66a14768d8e5c6ffd2cdb
633600072534f800c00ce54b60270678545462434c28e1865dde26273d8b00d3
65a1c8e40f97a72622872b33032cc16d98c9cd61c56d1fe897a0ded9a7375dc4
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6ac9331443944513cc67eb67afa7289da3148bb279610de6a82ec2cbb9fd5855
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
794559db00f5a68a8a82dc14f100cd1f9a970cbea66701ca8a43dee9919ffe03
7959e686f3668a5465c5eacedf2d57eb61675b5f8584fcb07114aa38b63d53b8
7c2591f422aa5cfb1f8bf00a5db7c9407e81037dbeaf22b2e8a791e56468cdf3
7cc1ff7f9b57caf071c85b50968032dea1fa2ff1dc8a84da9d248d70a7820ffd
7fdcb805a20649db94783ffc68e227bd61a806f29af381db6c84b52138d2dccd
82fadff367a12e614a5ec145bec6ea58ab214367c8c6f3186ca07353b0bbf16b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8fa4fe2a0dfba4039b6ef27e3bb35df1b51a3156a92a7cdcbaf4c5e6fa80769a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94d36389725742972c21bdd98cf45448b1ae4378e98f0424f3093f53235c88e6
a00ac1e97469410d27c7807937a01a9fb37272970d20a0178bad424be0bdf6ae
a1f8f7541a2982d7df75f73d0234a3f2afdc8302f361078f883d25a3a574bae4
a3ca2178c03aa90413665605224901388a8a7694be710ccf31d1c9546f6bb558
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad35b390ce3898cfef7bb94973d42ab290ec56f7315e0b459f4ba017eac96f07
b0403829bc66fd1f26c7ad7f42a2560787fe44f34417d357ed83d107ab32d983
b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f
b684de47fc5d19de433e8fbf5b88e429fe6effe478970b31dafeb0dfc68286d8
b71a29ecd59a83648619466fa24609d9030aa3eb31b3cedc7f9b424d2da1a270
bc00fa2bd200ddd72f9d14cb184c078b5a6154a7beaabb114007663d05677726
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
cb5224674e43d02db0037517f4aa29ba5ce9ddd0672e513cc7289714ba657522
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
cc5e488d62c15f3f9f1fd1703800c796bcc163b1067d571956c40c484fcd1c3b
ccee1682963a5d9deecdb1dcf9f8e00135cf80c850f2e3309637aa0b14a47938
ce1eade43de61291fb7e1708bdbe373f955aa88e54e9c894fa6ab1ed455ab1b5
cf773224fb7b3fd5978d7b527d003387334f71f37ed57e9ea50fe7b9bf4d6a76
d1af850eed9d8f478503ae0d24ebdd78691a15ed523db6f16df44b9da327c0d5
d1b07feb8dacb85eaa974e4da4e4268679888a74f92ed43e15123ac701717ec6
d2012aadea462fafe352402e17767e0f80b6407c288876a88052e478cc6e9466
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af
d70ca063e74794c815071ccfb049724e710670831daec887b7d5b826aabf5083
d7682802f498d1a1e18aeed9cd0835877313667f442a6e15f01d434065bff102
d875f9a2038e25a599452c9e774403240c3bc83df261ed41188bd7ecdf71fee0
dab4ed514d39f2a7cf4ccf6215d9cd4c851d24c9ccf85839cc73e4097d38df61
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4efcc099f128e3655108f269adb8e838c24ee54d98c3903a22dec225e3e1221
e66d13cdbe7155c99d0a046d9d9f2d5510c4acdb31032bc0f7b600d49bd3571a
e8762831ff219f8b76b3479d9ffb9da218a058d059993123584cdbb5da6c079b
e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77
ea40563dac288d2a4e806100888a28be233519095512b5b0f44f02d4a4b23aea
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f16de7b1b4aaefe1a073fd179d639c5264e6451ea208b8b9cf72ef0d846b308f
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
f80603874c68fef25ac9ffe412a6c6056ab267d7e4d044f090c8282ab80c4da5
f8a52a29d96cfbd4f122661dbc14f5394eb73864746158e8c2a478ea7e6f7357
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe6ee10b03114d58ae3552f76f67608965f961c9d2743a003b3c8da7e5ff4f7c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffba9a52471b5e7d35690f8297267837b94bdce89a67fa3ab13e5574d686a546
fffcc1196c1beb2cd92264e3b6efe6fdebc9129610b8308987eff5d97ebab507

www.picussecurity.com Open in urlscan Pro 199.60.103.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

145 Requests

98 %HTTPS

51 %IPv6

32 Domains

50 Subdomains

40 IPs

4 Countries

1938 kBTransfer

5545 kBSize

39 Cookies

22 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.picussecurity.com Open in urlscan Pro
199.60.103.29 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

98 %
HTTPS

51 %
IPv6

32
Domains

50
Subdomains

40
IPs

4
Countries

1938 kB
Transfer

5545 kB
Size

39
Cookies

145 HTTP transactions
3 data transactions