www.fortinet.com Open in urlscan Pro
2600:1f16:160:aa02:4c34:efb7:29af:4543 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Submission: On July 24 via api (July 24th 2024, 11:34:49 am UTC) from DE — Scanned from US

Summary HTTP 125 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 1 countries across 34 domains to perform 125 HTTP transactions. The main IP is 2600:1f16:160:aa02:4c34:efb7:29af:4543, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.fortinet.com. The Cisco Umbrella rank of the primary domain is 221752.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.

This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2600:1f16:160... 2600:1f16:160:aa02:4c34:efb7:29af:4543	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2600:1408:c40... 2600:1408:c400:98f::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.193.67.242 34.193.67.242	14618 (AMAZON-AES) (AMAZON-AES)
1	18.205.181.228 18.205.181.228	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.213.66.237 3.213.66.237	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.217 63.140.38.217	14618 (AMAZON-AES) (AMAZON-AES)
6	23.212.248.22 23.212.248.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.221.241.188 23.221.241.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2400:52e0:1a0... 2400:52e0:1a00::1206:2	200325 (BUNNYCDN) (BUNNYCDN)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2607:f8b0:400... 2607:f8b0:4004:c1f::61	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:d::17cd:6a49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	() ()
1	2606:4700:303... 2606:4700:3030::ac43:a3ed	() ()
1	63.140.39.117 63.140.39.117	() ()
2	2600:1408:c40... 2600:1408:c400:5::17c7:3719	() ()
2	34.117.77.79 34.117.77.79	() ()
125	22

33 2600:1f16:160:aa02:4c34:efb7:29af:4543 (Columbus, United States)

ASN16509 (AMAZON-02, US)

www.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:1408:c400:98f::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.67.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-67-242.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.181.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-181-228.compute-1.amazonaws.com

fortinet.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.66.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-66-237.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-217.data.adobedc.net

fortinet.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.212.248.22 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-22.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.221.241.188 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-241-188.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1206:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1f::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:d::17cd:6a49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a3ed (None, )

ASN- ()

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.117 (None, )

ASN- ()

metrics.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:5::17c7:3719 (None, )

ASN- ()

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (None, )

ASN- ()

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	fortinet.com www.fortinet.com — Cisco Umbrella Rank: 221752 metrics.fortinet.com	6 MB
22	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	150 KB
7	6sc.co j.6sc.co — Cisco Umbrella Rank: 12402 c.6sc.co — Cisco Umbrella Rank: 16017 ipv6.6sc.co — Cisco Umbrella Rank: 12823 b.6sc.co — Cisco Umbrella Rank: 6896	20 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	127 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	445 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4363 tr.outbrain.com — Cisco Umbrella Rank: 4248 wave.outbrain.com — Cisco Umbrella Rank: 4246	10 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 fortinet.demdex.net	2 KB
2	ml314.com ml314.com	14 KB
2	licdn.com snap.licdn.com	969 B
2	facebook.net connect.facebook.net	72 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 4547	3 KB
1	siteimproveanalytics.com siteimproveanalytics.com	12 KB
1	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18992 Failed
1	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 59906	18 KB
1	omtrdc.net fortinet.tt.omtrdc.net — Cisco Umbrella Rank: 990592	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	305 B
0	eyeota.net Failed ps.eyeota.net Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	facebook.com Failed www.facebook.com Failed
0	siteimproveanalytics.io Failed 6033413.global.siteimproveanalytics.io Failed
0	adnxs.com Failed secure.adnxs.com Failed ib.adnxs.com Failed
0	inzynk.io Failed tags.inzynk.io Failed
0	ads-twitter.com Failed static.ads-twitter.com Failed
0	mountain.com Failed dx.mountain.com Failed
0	mathtag.com Failed pixel.mathtag.com Failed
0	argusplatform.com Failed tmp.argusplatform.com Failed
0	demandscience.com Failed abm-tracking.demandscience.com Failed
0	techtarget.com Failed trk.techtarget.com Failed
0	omappapi.com Failed a.omappapi.com Failed api.omappapi.com Failed
0	doubleclick.net Failed googleads.g.doubleclick.net Failed ad.doubleclick.net Failed 10104846.fls.doubleclick.net Failed
125	34

	Domain	Requested by
33	www.fortinet.com	www.fortinet.com
22	assets.adobedtm.com	cdn.cookielaw.org assets.adobedtm.com
6	cdn.cookielaw.org	www.fortinet.com cdn.cookielaw.org
5	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
4	b.6sc.co
3	bat.bing.com	assets.adobedtm.com bat.bing.com
2	ml314.com	www.fortinet.com ml314.com
2	snap.licdn.com	www.fortinet.com snap.licdn.com
2	connect.facebook.net	www.fortinet.com connect.facebook.net
2	tr.outbrain.com	amplify.outbrain.com
2	amplify.outbrain.com	www.fortinet.com amplify.outbrain.com
2	script.crazyegg.com	www.fortinet.com script.crazyegg.com
2	dpm.demdex.net	www.fortinet.com
1	metrics.fortinet.com
1	siteimproveanalytics.com	assets.adobedtm.com
1	epsilon.6sense.com	j.6sc.co
1	wave.outbrain.com	amplify.outbrain.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	a.opmnstr.com	assets.adobedtm.com
1	j.6sc.co	www.fortinet.com
1	fortinet.tt.omtrdc.net	www.fortinet.com
1	cm.everesttech.net	1 redirects
1	fortinet.demdex.net	www.fortinet.com
1	geolocation.onetrust.com	cdn.cookielaw.org
0	ps.eyeota.net Failed
0	sync.crwdcntrl.net Failed
0	match.adsrvr.org Failed
0	idsync.rlcdn.com Failed
0	www.facebook.com Failed
0	6033413.global.siteimproveanalytics.io Failed
0	10104846.fls.doubleclick.net Failed	assets.adobedtm.com
0	ib.adnxs.com Failed
0	secure.adnxs.com Failed
0	tags.inzynk.io Failed	assets.adobedtm.com
0	static.ads-twitter.com Failed	www.fortinet.com
0	dx.mountain.com Failed	www.fortinet.com
0	pixel.mathtag.com Failed	www.fortinet.com
0	tmp.argusplatform.com Failed	www.fortinet.com
0	abm-tracking.demandscience.com Failed	www.fortinet.com
0	trk.techtarget.com Failed	www.fortinet.com
0	api.omappapi.com Failed	a.opmnstr.com
0	a.omappapi.com Failed	a.opmnstr.com
0	ad.doubleclick.net Failed
0	googleads.g.doubleclick.net Failed	www.googletagmanager.com
125	45

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.twitter.com
www.youtube.com
www.instagram.com
www.facebook.com
fortiguard.com
community.fortinet.com
investor.fortinet.com
onetrust.com

Subject Issuer	Validity	Valid
*.fortinet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2025-07-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
a.opmnstr.com R11	`2024-06-25` - `2024-09-23`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-04-23` - `2025-05-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-02` - `2024-07-31`	3 months	crt.sh
siteimproveanalytics.com WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
metrics.fortinet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-26` - `2025-01-25`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
event-horizon.gcp.bomm.in WR3	`2024-06-23` - `2024-09-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Frame ID: EB64F3723E3C4FDBAA2DD03F876723A5
Requests: 124 HTTP requests in this frame

Frame: https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: FA8673D31E94569D093E1868741CE515
Requests: 1 HTTP requests in this frame

Frame: https://10104846.fls.doubleclick.net/activityi;dc_pre=CObe4NPKv4cDFcHl_QUdgloH5g;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9257585198521.613
Frame ID: 9D421B1E9BD38AADFCBAB2A968284F23
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard Labs

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/
/etc\.clientlibs/

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

125
Requests

78 %
HTTPS

55 %
IPv6

34
Domains

45
Subdomains

22
IPs

1
Countries

7113 kB
Transfer

10205 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/fortinet

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fortinet

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJHo4AuVomwMRzgkA5DQEOA?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fortinet/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fortinet

Search URL Search Domain Scan URL

URL: https://fortiguard.com/
Title: FortiGuard Labs

Search URL Search Domain Scan URL

URL: https://community.fortinet.com/
Title: Fortinet Community

Search URL Search Domain Scan URL

URL: https://investor.fortinet.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://cm.everesttech.net/cm/dd?d_uuid=05290515631624218861602441434002732856 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqDm1gAAALInRgNP

Request Chain 108

https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9257585198521.613 HTTP 302
https://10104846.fls.doubleclick.net/activityi;dc_pre=CObe4NPKv4cDFcHl_QUdgloH5g;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9257585198521.613

125 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request exploiting-cve-2024-21412-stealer-campaign-unleashed Show response
www.fortinet.com/blog/threat-research/ 70 KB
25 KB 655ms
138ms Document
text/html 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b8bd6ae17f88486fa86c4acb7f2190d93bcbdd5e223e55b46273cb0eb0a05878

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 66410
Cache-Control: max-age=600, public, s-maxage=10800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 23684
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Type: text/html;charset=utf-8
Date: Wed, 24 Jul 2024 11:33:51 GMT
ETag: "118e6-61ded33bb24f5-gzip"
Last-Modified: Tue, 23 Jul 2024 17:07:52 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: qYV13ea4CBYAHb5GA83uUHlk1b4qu56LQqVgsCggcacg-PQhTbiiBg==
X-Amz-Cf-Pop: CMH68-P1
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-Dispatcher: dispatcher2uswest1-28559771
X-Frame-Options: SAMEORIGIN
X-Vhost: publish
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK visitorapi.min.js Show response
www.fortinet.com/etc/designs/fortinet/adb-target/ 64 KB
30 KB 297ms
108ms Script
application/javascript 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Mon, 22 Jul 2024 16:09:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 156337
Connection: keep-alive
Content-Length: 29532
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 15 Feb 2024 21:43:32 GMT
Server: Apache
ETag: "fe2d-6117284c96900-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: EDzL7O9bApBs2xvwMGm6L_nnj3uV1bRpy8DqNTtopEIiCCqeiuDbGw==

GET
H/1.1 200
OK at.js Show response
www.fortinet.com/etc/designs/fortinet/adb-target/ 104 KB
48 KB 469ms
137ms Script
application/javascript 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Mon, 22 Jul 2024 14:08:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 784ffc262e0c17e3566b62b0f85f34d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 163557
Connection: keep-alive
Content-Length: 47782
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 21 Mar 2024 20:59:39 GMT
Server: Apache
ETag: "19e83-61431fc4b24c0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: aF6C-ZCx7Y_AUIojxfIfgyZZyuCz6cU9fqN-_OuJ_RuoO0jRy3bbcw==

GET
H/1.1 200
OK clientlib-base.min.900b148ab7b87024003111a1245cca9c.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 540 KB
28 KB 145ms
106ms Stylesheet
text/css 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

94633716497a85d800b6e573953942c4cfe483c0dbd68fa97fd01dd97ced5d66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Mon, 22 Jul 2024 18:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 146760
Connection: keep-alive
Content-Length: 27478
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Jun 2024 21:00:07 GMT
Server: Apache
ETag: "86e1b-61b58998583c0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: R4KDJJKrE5gKXQNTDWQD0ay1a30CUmBlpJjGSKkFtrZImAYD8A19Gg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 410ms
95ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PzcU3Ivp6w0l3AsetHXgNw==
age: 71979
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jul 2024 16:52:22 GMT
server: cloudflare
etag: 0x8DCAA6EA7FD79D6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84d5a425-501e-00d8-5667-dc345b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a478e4b4245-EWR

GET
H/1.1 200
OK fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ 32 KB
3 KB 149ms
149ms Image
image/svg+xml 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Wed, 24 Jul 2024 11:32:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 29025202
Content-Disposition: attachment; filename="fortinet-logo-white.svg"
Connection: keep-alive
Content-Length: 1998
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 22 Feb 2018 23:16:01 GMT
Server: Apache
ETag: "7ebb-565d53a1d6e40-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: _1sbNlwPJqX7XWzyarpZdpDE11x7ZvFx1niKClfQwXzeD9fb52fJuQ==

GET
H/1.1 200
OK toc-icon.jpg
www.fortinet.com/content/dam/fortinet/images/ 1 KB
3 KB 126ms
126ms Image
image/jpeg 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet/images/toc-icon.jpg

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Wed, 24 Jul 2024 11:33:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 21837619
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1277
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 14 Nov 2023 17:34:13 GMT
Server: Apache
ETag: "4fd-60a2031eb4f40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: wNeltLhBGwZZIqHQRDkkA8jobN1SIJHoOjE7-NNc34-jp_C3fN9T_Q==

GET
H/1.1 200
OK clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js Show response
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 160 KB
74 KB 111ms
111ms Script
application/javascript 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Mon, 22 Jul 2024 18:49:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 146763
Connection: keep-alive
Content-Length: 74768
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Jul 2024 20:57:37 GMT
Server: Apache
ETag: "28100-61cff033f9240-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: SP6kGNjLrSOYV7X_OCJ8bKBzfhQa3iY4BbibvRfhCAMlAcc5qugYdA==

GET
H2 200 f85f39fc-d7aa-467a-b762-fbb722748016.json Show response
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/ 5 KB
2 KB 412ms
113ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/f85f39fc-d7aa-467a-b762-fbb722748016.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8998282f5a80fff5eaafdbd457dd7a81af0cd7c8696bfe032a6aeef8fe67f99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 63399
content-md5: Uj3iBUKm1Vl2g2NHq67V+w==
content-length: 1792
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 19:56:54 GMT
server: cloudflare
etag: 0x8DC07DF23DF5130
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 67257c4e-101e-0033-60c8-396628000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a4a1ea1c34f-EWR
expires: Thu, 25 Jul 2024 11:34:43 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK cve-2024-21412-hero.png
www.fortinet.com/content/dam/fortinet-blog/article-heros/ 429 KB
431 KB 107ms
106ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/article-heros/cve-2024-21412-hero.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

05b1d251b44fdd42bd27a73eb373440c9957297292c3f13a677eb908648486ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 13:16:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 81078
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 439634
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:40:28 GMT
Server: Apache
ETag: "6b552-61d8d43f52f00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: OmfAnwuYT4JJJbJS5_mCg7pcd5UkYzGNbeTdu6bb_QRukPPc5GcL6A==

GET
H/1.1 200
OK UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
www.fortinet.com/etc/designs/fortinet/gfonts/ 37 KB
38 KB 105ms
105ms Font
application/octet-stream 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet/gfonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.900b148ab7b87024003111a1245cca9c.css
Origin: https://www.fortinet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Thu, 11 Jul 2024 21:13:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 1088495
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37716
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 May 2022 21:08:06 GMT
Server: Apache
ETag: "9354-5df4fa74ff980"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Cache-Control: max-age=2000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: bDKM9sJ4okZwZos4oxuxSyBq_FiVYeDWOCG-V1ZiwH-nrET3yFcQEQ==

GET
H/1.1 200
OK stealer-1.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image.img.png/1721335821214/ 85 KB
86 KB 105ms
105ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image.img.png/1721335821214/stealer-1.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

855f75e3c59ecf05751e400ad7f8ef021ab050a882b7c4861a187c9475c16dbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67097
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 86575
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 20:50:21 GMT
Server: Apache
ETag: "1522f-61d8bba265d40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: JaWwnG2g0KZ7OcBkRVSTKtJZLKjwoSPu0GmBtnfFwy8w7xI-PBB8OA==

GET
H/1.1 200
OK stealer-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy.img.png/1721340599411/ 62 KB
63 KB 105ms
105ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy.img.png/1721340599411/stealer-2.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bf75adb4dce36bece1ce5451a9fb6d4fbd65ee72fc074b55ca676f2d8898da5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:04:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67628
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 63509
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:09:59 GMT
Server: Apache
ETag: "f815-61d8cd6f0dbc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: fIUB6l8mBdTz8nqBHtz8JP_Il6T1_tTvJI3ysjY0uUoGN_C4gHiv4A==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK stealer-3.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy.img.png/1721338963877/ 25 KB
26 KB 104ms
104ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy.img.png/1721338963877/stealer-3.png

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1d7b331a045e0921f57a7aca33a2be27539027cc5b1ded6de5ad38263eddf8a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67632
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 25740
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 21:42:43 GMT
Server: Apache
ETag: "648c-61d8c756d7ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 85tYRw3mtsOkJJp3AyKhzWp2yseKegN1_yBneK-TkbjmNtFOu8-7ww==

GET
H/1.1 200
OK stealer-3-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_110863164.img.png/1721338977125/ 25 KB
26 KB 107ms
107ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0e5f18649f61dd74f9caf157048d64c16ceb0fd2e8b54ed9e3c6ff1ebf22bd24

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67096
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 25595
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 21:42:57 GMT
Server: Apache
ETag: "63fb-61d8c76431a40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 0_dYr6r3Oo8ou5jB5aBUFlk210sxy6Fc2pSFspq7W1YbBs6eDFsgZQ==

GET
H/1.1 200
OK stealer-4.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy.img.png/1721339893610/ 255 KB
256 KB 105ms
104ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e3a54e557f40c9a8528562f5f9fe39cb3fce5ad1e3f4238ec791c17961645240

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67632
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 260902
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 21:58:13 GMT
Server: Apache
ETag: "3fb26-61d8cacdc2740"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: lUVuy1SrvK5sssuP-IC07JlnX0SBTgaTbYXIe6GQtV2oxsa5tYz7Hg==

GET
H/1.1 200
OK stealer-5.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_967242649.img.png/1721339920989/ 736 KB
737 KB 106ms
105ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bdfd8a95ffd68d8bc7149ea79a3ca8a1869fe507a42e4f7a368f626843346e89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 784ffc262e0c17e3566b62b0f85f34d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67627
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 753246
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 21:58:40 GMT
Server: Apache
ETag: "b7e5e-61d8cae782400"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: cIEzsFYTKgxf-AjNbQWwiKCOjxCJuZMGvYXRAWyk230sLqRwaq6nvQ==

GET
H/1.1 200
OK stealer-6.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1215818884.img.png/1721340297519/ 226 KB
227 KB 188ms
110ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

895f6b9e5d37c494c7c8ebf30eade521c286b27001d256e3a37f5ac27684a57d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67627
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 231447
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:04:57 GMT
Server: Apache
ETag: "38817-61d8cc4f0b440"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: rmkwoQmFQJ9Av9BV1N4I3lzUJURWZFW2LFKxHes2wt9Eb9vlIDlO6w==

GET
H/1.1 200
OK stealer-6-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_386732739.img.png/1721340317097/ 251 KB
252 KB 177ms
104ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e2d910265020b45a6878d4b62b104bc4cfbcf7554e7386d81aef7a0ae208048e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67230
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 257145
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:05:17 GMT
Server: Apache
ETag: "3ec79-61d8cc621e140"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: dxLYwWbJMHJPCg_YKwaWxQnehCtbbwJzZ9RYDbUAGQKc6nugdf16dQ==

GET
H/1.1 200
OK stealer-7.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1175059951.img.png/1721340377992/ 485 KB
486 KB 173ms
107ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

663fcd2b41d75e07e72ea2622d80566bcf10f1951f7293217d5fd9c9e3e542d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Tue, 23 Jul 2024 17:18:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67631
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 496746
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:06:17 GMT
Server: Apache
ETag: "7946a-61d8cc9b56840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: JgKJxKEWrzxf9ndWm0aXmdEhv5pTywP0VdOzd_JSVqfPsWxhUof9iA==

GET
H/1.1 200
OK stealer-8.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1558477246.img.png/1721340431350/ 36 KB
38 KB 168ms
106ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

770be267abb4fe287bf67c2fdbdf4f14556632b8e07a6d464e58ca56e3e33474

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67097
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37083
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:07:11 GMT
Server: Apache
ETag: "90db-61d8ccced61c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: k8nQkPAEMH0Ev82kheXPO2W4221ttaEjNeB7I5QZHvqQKdpKf2odtg==

GET
H/1.1 200
OK stealer-8-2.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_447561515.img.png/1721340453929/ 31 KB
32 KB 164ms
105ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ebd0b0892d3b17adc658369a10ebfe9abcd4883fd08bb047fd66dd459edd4481

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67626
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 31764
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:07:33 GMT
Server: Apache
ETag: "7c14-61d8cce3d1340"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: nKxy3Y0SNXGAIQ-YXpGIgmAq0qxTXlONraf7uk8891G1Q1I5fClLXQ==

GET
H/1.1 200
OK stealer-9.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_299690718.img.png/1721340797851/ 548 KB
549 KB 119ms
105ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bedf62e46e59fa272ad95971fb563c91a33501c2443058083872960861534da7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 784ffc262e0c17e3566b62b0f85f34d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67632
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 561099
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:13:17 GMT
Server: Apache
ETag: "88fcb-61d8ce2be1940"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: MmqnRHsqBv6SbFj0m7F2JpgMSagW5Sg4ukibB_cBMIWaQocQnesPFg==

GET
H/1.1 200
OK stealer-10.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_486093180.img.png/1721341353108/ 536 KB
537 KB 130ms
111ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bec82187bec72da82a4eed1c0c3624ac495ca960b7286da80815db9b5c43777e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 7d742df65452f74d1ef6daa93f595db8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67366
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 548887
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:22:33 GMT
Server: Apache
ETag: "86017-61d8d03e1fc40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: x2l50zvbYJD7QuUVy6NnHMO05ZWu26FVD8A-zlJHRD_SEc2HqcBZzA==

GET
H/1.1 200
OK stealer-11.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1792784929.img.png/1721341661455/ 495 KB
497 KB 107ms
107ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

114ed516604e98cd030c85d1be345541019326d2f32bb784626fb13ad57f8744

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67367
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 507338
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:27:41 GMT
Server: Apache
ETag: "7bdca-61d8d163db140"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: urChym8dVxUM5u-nb86vIQsx9gdZP-xv7U1q1yqAedkgj-Zn5apGRA==

GET
H/1.1 200
OK stealer-12.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_125801863.img.png/1721341839402/ 54 KB
55 KB 109ms
109ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

30ddee8ebf0ffd7c415585a9e3a0e8023deb80ed05b857a4427dbb75790c43bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67097
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 55265
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:30:39 GMT
Server: Apache
ETag: "d7e1-61d8d20d9c1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: W3VwWy51XbTJAT51f9hYAKPbF08jpnwXPD9f3XnYKto17G7MjEu9wA==

GET
H/1.1 200
OK stealer-13.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1354616904.img.png/1721341858282/ 508 KB
509 KB 104ms
104ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

3e63ed3b834f3a6961e1476a3dfadffb78212feac2bf804352a6926091b4c828

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67097
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 520084
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:30:58 GMT
Server: Apache
ETag: "7ef94-61d8d21fbac80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 7cKalmipoeurCaVN1Dbg8gr5TQfTHfhvUqMtsTInC-DYa56HzmK6LQ==

GET
H/1.1 200
OK stealer-14.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_210389830.img.png/1721341914790/ 287 KB
288 KB 131ms
130ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b64cae93d3398a9d5da33d3728f714a222df73943f87b81b7f2c49d58e2794ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67366
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 293512
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:31:54 GMT
Server: Apache
ETag: "47a88-61d8d25522a80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: YwNyQzpGet1NMYLRiQen8-kFhrDz6m6KjSDkKLhYntL4ylfy9z_nBw==

GET
H/1.1 200
OK stealer-15.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1279974212.img.png/1721341938787/ 102 KB
103 KB 147ms
147ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d1fe20aff60f91b78aabd65363112fbc84a8e7c8dd0c258bb1aae48cc4e4879c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 784ffc262e0c17e3566b62b0f85f34d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67366
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 104452
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:32:18 GMT
Server: Apache
ETag: "19804-61d8d26c06080"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: mdXR2fCpvYn_EzDEPVILxbpASllZeAKKq4Jm2O_XRhrK3-loMPD66w==

GET
H/1.1 200
OK stealer-16.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_398882795.img.png/1721341971772/ 270 KB
271 KB 141ms
140ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8883bc0b8dd0d8b6e1f37046e643e3487484913aae5fedbb41b9c0c059ecf123

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67097
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 276602
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:32:51 GMT
Server: Apache
ETag: "4387a-61d8d28b7eac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: hzw7neCn9UHMdAN5mZDHvoZhDu-7ve4hJkSvL6bx4b0JpTxka47n7g==

GET
H/1.1 200
OK stealer-17.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_1313884336.img.png/1721342021064/ 192 KB
193 KB 106ms
106ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

93f1175b9eb9dcdf7cc89fb8a0049b1734aead76c4e9a71ce2e74c6659dfc7a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 17:18:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67365
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 196311
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:33:41 GMT
Server: Apache
ETag: "2fed7-61d8d2bb2db40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: XayhgxVKg4owX20xszpWrsJGnZa6oqgpp0vgk9WDUlPuUOyzWlgLzw==

GET
H/1.1 200
OK stealer-18.png
www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed/_jcr_content/root/responsivegrid/table_content/par/image_copy_copy_copy_991419676.img.png/1721342039151/ 230 KB
231 KB 106ms
106ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9453297b8c031ffe12f292174750cabd95f6069010d7dfb77e3e840f462706e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Tue, 23 Jul 2024 22:34:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 30bcd9c773777525ee2f59713d0903a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 67365
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 235191
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 22:33:59 GMT
Server: Apache
ETag: "396b7-61d8d2cc583c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: -0nvWgikdsV0ghGkADTJIoPkIMfFXYzaMR0NkcQ6GZSpdSYV28xkOA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
305 B 497ms
163ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8a839a4d195d4cb1-PHL
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 137ms
135ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 63149
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 79698
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
server: cloudflare
etag: 0x8D89735260901BC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 196e3d49-701e-0078-0644-149a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a4e2c444245-EWR

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/68cad325-7b77-4fcb-9f98-ba2e81aa9045/ 99 KB
24 KB 108ms
107ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/68cad325-7b77-4fcb-9f98-ba2e81aa9045/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad0607daba7c0ddecacb3c696099e761076f147549440a7b3c4baa8f67ddaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 52962
content-md5: SDJFQYswktbx6w5cJzzMRQ==
content-length: 24004
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 19:57:06 GMT
server: cloudflare
etag: 0x8DC07DF2B6F9C71
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9f466969-301e-009d-1cc8-39cb39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a4f8a99c34f-EWR
expires: Thu, 25 Jul 2024 11:34:44 GMT

GET
H/1.1 200
OK favicon.ico
www.fortinet.com/etc/designs/fortinet-blog/ 318 B
2 KB 107ms
106ms Other
image/vnd.microsoft.icon 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/etc/designs/fortinet-blog/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Thu, 11 Jul 2024 21:15:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 1088420
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 22 Feb 2018 05:17:28 GMT
Server: Apache
ETag: "13e-565c628eb6a00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/vnd.microsoft.icon
Cache-Control: max-age=2000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: rvv7nwgXnWhLo6NnzQrDay2ZwAGT6uuWImPzdcqrtSgz70cP5kg4oQ==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
4 KB 255ms
254ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 54183
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3329
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e7ba9f8a-a01e-0009-5512-247c50000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a509b7dc34f-EWR

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 45 KB
12 KB 469ms
469ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jul 2024 11:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zNsRoM1FEmsEgJoYMCNTng==
age: 67062
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11755
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D897352245C4EA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 77f313b5-301e-0034-7eb4-210a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8a839a52dd43c34f-EWR

GET
H2 200 launch-EN23cb8375449840dc93b13f34d935b8b9.min.js Show response
assets.adobedtm.com/ 500 KB
120 KB 1678ms
105ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3f36cb484213cafc798ef594c00ffdc27156f0106c63b539c3464bae355fb82a

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:46 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:18 GMT
server: AkamaiNetStorage
etag: "8a4c827a8473d3eaa82e456391d2db4b:1721688797.91308"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 123001
expires: Wed, 24 Jul 2024 12:34:46 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 367 B
914 B 684ms
162ms XHR
application/json 34.193.67.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1721820885058

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.193.67.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-67-242.compute-1.amazonaws.com

Software

Resource Hash

f27e29d30ac4679f737342af5cbb1bf5f39c043ec24528f208535ece9f78d3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-va6-2-v062-02f7311a7.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Wed, 24 Jul 2024 11:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: 40iGFYl/QpY=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.fortinet.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 310
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 dest5.html
fortinet.demdex.net/ Frame FA86 0
0 509ms
143ms Document
text/html 18.205.181.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fortinet.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.205.181.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-181-228.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fortinet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 24 Jul 2024 11:34:46 GMT
dcs: dcs-prod-va6-2-v062-0409ab199.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 18 Jul 2024 10:28:09 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: gpw/D3HVSNg=

GET
H2

200

ibs:dpid=411&dpuuid=ZqDm1gAAALInRgNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=05290515631624218861602441434002732856
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqDm1gAAALInRgNP

42 B
714 B

141ms
141ms

Image
image/gif

34.193.67.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqDm1gAAALInRgNP

Protocol

Server

34.193.67.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-67-242.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v062-0096e5f67.edge-va6.demdex.com 5 ms
pragma: no-cache
date: Wed, 24 Jul 2024 11:34:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: oYYqIYv5RXc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqDm1gAAALInRgNP
Date: Wed, 24 Jul 2024 11:34:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
fortinet.tt.omtrdc.net/rest/v1/ 7 KB
3 KB 615ms
104ms XHR
application/json 63.140.38.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fortinet.tt.omtrdc.net/rest/v1/delivery?client=fortinet&sessionId=5b05643c319948d8a84ba6e0d438f94b&version=2.10.0

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.217 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-217.data.adobedc.net

Software

jag /

Resource Hash

c1f6998325537213639d6576ede84d0ae68168adf72672b0e39e70de8a977fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jul 2024 11:34:46 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fortinet.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: bc5a84d6-aab8-486e-ba24-e81e73028792

GET
H/1.1 200
OK flyin-fortiguard-labs-outbreak-alerts-346x172.png
www.fortinet.com/content/dam/fortinet/images/promos/pzn/ 35 KB
37 KB 174ms
173ms Image
image/png 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortinet.com/content/dam/fortinet/images/promos/pzn/flyin-fortiguard-labs-outbreak-alerts-346x172.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

480e3b349655b6f17b20ec546c300957cad9ffd98b2d29be29db79422ededc52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher2uswest1-28559771
Date: Wed, 24 Jul 2024 11:26:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
Age: 20429885
X-Vhost: publish
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 36133
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 30 Nov 2023 00:50:15 GMT
Server: Apache
ETag: "8d25-60b5408ea5fc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=684000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: xBDUZDq-4ZDo2LAY337ENlnugdV_FLF70I-_zPi975VyuWaxQoUfVg==

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 35 KB
13 KB 133ms
132ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:30 GMT
server: AkamaiNetStorage
etag: "964f8cb588092ac645368e7307eb73ac:1709578290.803919"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12938
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 3 KB
2 KB 89ms
89ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:46 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:31 GMT
server: AkamaiNetStorage
etag: "9cf185793291692f744c78c75da01dd8:1709578291.795602"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Wed, 24 Jul 2024 12:34:46 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
18 KB 511ms
97ms Script
application/javascript 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-248-22.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4dba9e54570483a0624219ec53864f468c9cbdf4f9c1f23821e539de7cb0c9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 19:23:12 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "669182a0-10e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, proxy-revalidate, max-age=1800
accept-ranges: bytes
content-length: 18671
expires: Wed, 24 Jul 2024 12:04:47 GMT

GET
H2 200 0786.js Show response
script.crazyegg.com/pages/scripts/0117/ 7 KB
3 KB 524ms
109ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0117/0786.js
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8db92e7cdc1ad40168c42e93b05d842e056d8a5b83ae96b95d2b1c546f828196

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 97636
cf-polished: origSize=6998
ce-version: 11.5.248
cf-bgj: minify
last-modified: Tue, 23 Jul 2024 08:27:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8a839a627d947ce8-EWR

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 555ms
143ms Script
application/x-javascript 23.221.241.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.241.188 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-241-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 11:34:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2024 07:46:05 GMT
Server: AkamaiNetStorage
ETag: "7437febf15b08e005ac33eb9fc2707ae:1721634584.416148"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8614
Expires: Wed, 24 Jul 2024 11:54:47 GMT

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 51 KB
18 KB 1176ms
125ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 /
Resource Hash: 13c309d0ebac3484b78106413ee31f46abfc690429c64ddf6ceb1b1838424ada

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:48 GMT
content-encoding: br
cdn-edgestorageid: 718
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 07/22/2024 20:03:24
cdn-pullzone: 293267
last-modified: Wed, 10 Jul 2024 18:36:03 GMT
server: BunnyCDN-IL1-1206
cdn-fileserver: 749
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"668ed493-cc71"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 46f58e21bf8e151318c9c01bc099b535
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 520ms
102ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 24 Jul 2024 11:34:46 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44B0F2C324FA4AE787935461FC738CF3 Ref B: PHL30EDGE0214 Ref C: 2024-07-24T11:34:47Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 RCac955f2e1e97429197e1e31aaec22e86-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 1 KB
942 B 112ms
108ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCac955f2e1e97429197e1e31aaec22e86-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c951a4408b8eb47ecea22bc965c50addb9e027eed0d48b1248869d967967ceb

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 684
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC41e16e9b16d1408cbf43b5b2e7378738-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 9 KB
2 KB 123ms
119ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC41e16e9b16d1408cbf43b5b2e7378738-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9e127a551b1d872db037fb1c551f032ffb34217f160a6906918f720cae169575

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1845
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC448863e9e05a4b4880daa4a5fb7da328-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 358 B
485 B 113ms
109ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c800888331e0e31f317acc8de442b6a71340d4f0d4f3db9dbb7f8e4b3172e84e

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 228
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCa4add8b607f6404fbd2aba7ee4b9abad-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 703 B
684 B 114ms
111ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCa4add8b607f6404fbd2aba7ee4b9abad-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a98a9441db98144c6e8c4ab37c72e26786065a15dfb36a9231be938f76984c4f

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 426
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 354 KB
117 KB 523ms
122ms Script
application/javascript 2607:f8b0:4004:c1f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c149801047c223a4b0561fa5031f157ec17c2d1fa748d94b8d5a07f0b15396c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 119099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 RC06cd6a06a307489f80febc787462cb12-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 635 B
642 B 111ms
109ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC06cd6a06a307489f80febc787462cb12-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0b2969b20d4b33763f23481f2dc0f0626a93fdd567798412bf891890047398a3

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 384
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC190d282f2b9c4848b2ea08ca5751fa40-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 2 KB
1013 B 111ms
110ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC190d282f2b9c4848b2ea08ca5751fa40-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 37fd820b496a40f0f5783b425ed0c873d7913a576c0f246e869c5a2be58f787e

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 755
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC7be3d22b2fd6487ca9390477738587fe-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 819 B
758 B 116ms
115ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC7be3d22b2fd6487ca9390477738587fe-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c1ccdda10c297d3aeedbe2fa72700c5f49bdf9e102090c2d62775ec3c964e078

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 501
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC407b573180554ea6b11eecdc31ecbd3f-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 819 B
756 B 115ms
114ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 985071e89e5076c1b93d2b9ba507a2e890236ef8e3eaea519c7b2bc364cf84df

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 498
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC1d92f04752ae42a38e54de48cb85adf4-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 661 B
649 B 113ms
112ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC1d92f04752ae42a38e54de48cb85adf4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f41e718277c296a77a6259da8cadd84b5f195d21ea0a6eb36442de9217613c2f

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 391
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCf940460311f349b5af69d075bdef61d4-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 368 B
493 B 112ms
111ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCf940460311f349b5af69d075bdef61d4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ec425cce7010294e5d2601a098dabc3e75536351f58e07ada250c8642934fb8d

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 235
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 754 B
705 B 114ms
113ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b5b4fea0f2608d0f0cafdee0e2b00ae659b091c6d18eda7fe291e636ba3f353c

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 447
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCbbd24be21a0f4115a18f29bb3fee2a7a-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 2 KB
971 B 112ms
111ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCbbd24be21a0f4115a18f29bb3fee2a7a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b1dfdf84f81ccef7d37fc96dfd2358c87a40a04b20f063179f2c87fc1d3d382

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 713
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 1021 B
857 B 115ms
115ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 59faeec7cd3ce8eba6b26823c7dd41512a380a8c3329aa0ae0270a72f4645d08

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 600
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RCcd84e40d19c24776bef77836ab2f8df6-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 819 B
758 B 110ms
109ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3f57193ed9b7928c36cb710ac6a4af1583023f928914c094db4995420f7e3a54

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 501
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC4daaa3cd330f4ee2934602a98dab7c5f-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 388 B
499 B 112ms
111ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC4daaa3cd330f4ee2934602a98dab7c5f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 09edcbeb6bb1f2361271a99cb3369ee93e55c21a4985d8f5cfed37af10d6729d

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 242
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC17482cd8da9b4802a76d2f1e017d90ab-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 1 KB
779 B 107ms
107ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC17482cd8da9b4802a76d2f1e017d90ab-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fcce7b7353be95b84f177e00cd497eb4e485606e88cf17a5d836ee6c0f1f0f20

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 522
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC5c60a51709a94068afbf065e1448b617-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 664 B
657 B 109ms
109ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC5c60a51709a94068afbf065e1448b617-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 262c76a939f7c2d543b0f5669d8958b82954e14e17d79ced7848cd51a36e6b1d

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 400
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 2 KB
981 B 113ms
113ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 404669b3d94f951d5e005752766d9f4e60dc4f44c7aeda8b491f204f71b760af

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 723
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js Show response
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/ 966 B
809 B 113ms
113ms Script
application/x-javascript 2600:1408:c400:98f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9c00aee86889/RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:98f::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3aec02b24881b79afb8d121953096fd5754b07c8d26a295bcd900b0833183933

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 22:53:19 GMT
server: AkamaiNetStorage
etag: "0537f9b1ee377a7339cd8f0bc0e42c40:1721688799.745653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 551
expires: Wed, 24 Jul 2024 12:34:47 GMT

GET
H2 200 17532650.js Show response
bat.bing.com/p/action/ 335 B
403 B 95ms
94ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17532650.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0f9a49b3445df93031ef8414eab4c9266e8e6aefc9594c8b3f49376f57ee97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 24 Jul 2024 11:34:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E54A959FFF0C4DB28D492BECE4D9F199 Ref B: PHL30EDGE0214 Ref C: 2024-07-24T11:34:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 www.fortinet.com.json Show response
script.crazyegg.com/pages/data-scripts/0117/0786/site/ 1 KB
746 B 463ms
164ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0117/0786/site/www.fortinet.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0117/0786.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6741b10dd5b1580642a0aa204377a8fb50c2dd86c38fd4cd07e2319eefaa93d7

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 97635
ce-version: 11.5.248
content-length: 474
last-modified: Tue, 23 Jul 2024 08:27:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a839a652e534368-EWR

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 91ms
90ms XHR
text/html 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.fortinet.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 22 B
316 B 579ms
173ms XHR
text/html 2600:1408:c400:d::17cd:6a49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:d::17cd:6a49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1e91c990301e6c54d07d12600708b25a5861c6da4256c63bcb22bf1f0c5d81b8

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:47 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.fortinet.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2600:803:a88:3197::197
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721820887868_400219721_612126642_24_1141_42_104_219";dur=1
content-length: 22
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 174ms
133ms Image
image/gif 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=82e0263c-db0a-496c-8ab9-597a741c414e&session=eab8d557-9691-4906-8f94-eaefb848dd36&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=40a7a206-94f4-44aa-8ebe-7852c7a2687c&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-248-22.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 174ms
133ms Image
image/gif 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=82e0263c-db0a-496c-8ab9-597a741c414e&session=eab8d557-9691-4906-8f94-eaefb848dd36&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225eeecf22b2d12a77a14639dce97b7a36%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%227381d1d7c753fe2d8e217c3fdc44c0f17418dcc4%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=40a7a206-94f4-44aa-8ebe-7852c7a2687c&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-248-22.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 521ms
125ms Fetch
image/gif 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=05115340736136786&referrer=&cht=ot&marketerId=00ad3119690e692fd6990245f9741ea8f1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&g=0&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
cache-control: no-cache
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: b26769acf5a13690fc67effa1424497c
content-length: 54
content-type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 564ms
169ms Script
application/javascript 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00ad3119690e692fd6990245f9741ea8f1

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 8e34ec0b1625ea09fbacfae05bd42e14
content-length: 39
content-type: application/javascript

GET
H/1.1 200
OK 00ad3119690e692fd6990245f9741ea8f1 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 480ms
174ms Script
text/html 23.221.241.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00ad3119690e692fd6990245f9741ea8f1

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.221.241.188 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-241-188.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 24 Jul 2024 11:34:47 GMT
ob-sent-time: 1721779125759
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
x-traceid: 21b9ca85ac27edf64db310ca0e91a4f2
Content-Length: 22
Expires: Wed, 24 Jul 2024 11:35:47 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 515ms
171ms Fetch
text/html 23.221.241.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.241.188 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-241-188.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 11:34:47 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Content-Length: 26
Expires: Wed, 24 Jul 2024 11:54:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 108ms
107ms Script
application/javascript 2607:f8b0:4004:c1f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-662878185&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733af1f9f161901223beb471b1e2b6127d63a2122163dfd3fddbed986d7a7340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88554
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 112ms
111ms Script
application/javascript 2607:f8b0:4004:c1f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10050195&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da05fe7840659b4f64ec6d40d52bfa9c403b6f9f3a3a8f89e310557037802fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77291
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 152ms
151ms Script
application/javascript 2607:f8b0:4004:c1f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-609297413&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8996c65493d0892ad859c51e0b8bc630154cc6787f3cca108ab29fb9211bfa8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83346
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 120ms
119ms Script
application/javascript 2607:f8b0:4004:c1f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-729495989&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14ab272acece0b7aab916147adc3e64fb3a6a0ea3477a7eb12b27a8ca8fd3be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86188
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 11:34:47 GMT

GET details
epsilon.6sense.com/v3/company/ 0
0

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 479ms
163ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.fortinet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.fortinet.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Wed, 24 Jul 2024 11:34:48 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-east-1a
x-trace-id: 4109233702302842153

GET
H2 204 0
bat.bing.com/action/ 0
361 B 95ms
94ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17532650&tm=al001&Ver=2&mid=27dc8fac-9ef6-426c-9265-13f488b8b999&sid=bb4a0e7049b011efa9307789cd1a066f&vid=bb4a584049b011ef8a71af2953eb2335&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&p=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&r=&lt=2350&pt=1721820882104,,,,,1,182,182,182,518,216,518,655,702,661,1317,1317,1326,2350,2350,2350&pn=0,0&evt=pageLoad&sv=1&cdb=AQET&rn=467036

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Jul 2024 11:34:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BAC55486E6D4B6895FC4EB2A4D61A36 Ref B: PHL30EDGE0214 Ref C: 2024-07-24T11:34:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/ 0
0

GET activity;src=10050195;npa=0;auiddc=1087176710.1721820888;ps=1;pcor=1535081051;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1...
ad.doubleclick.net/ 0
0

GET activity;register_conversion=1;src=10050195;npa=0;auiddc=1087176710.1721820888;ps=1;pcor=1535081051;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb912...
ad.doubleclick.net/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/ 0
0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 91ms
90ms Image
image/gif 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=82e0263c-db0a-496c-8ab9-597a741c414e&session=eab8d557-9691-4906-8f94-eaefb848dd36&event=ipv6&q=%7B%22address%22%3A%222600%3A803%3Aa88%3A3197%3A%3A197%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=40a7a206-94f4-44aa-8ebe-7852c7a2687c&ipv6=2600%3A803%3Aa88%3A3197%3A%3A197&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-248-22.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 24 Jul 2024 11:34:48 GMT

GET api.min.css
a.omappapi.com/app/js/ 0
0

GET 39852
api.omappapi.com/v2/embed/ 0
0

GET tracking.js
trk.techtarget.com/ 0
0

GET tag.js
abm-tracking.demandscience.com/ 0
0

GET wid.tracker.js
tmp.argusplatform.com/js/ 0
0

GET js
pixel.mathtag.com/event/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET spx
dx.mountain.com/ 0
0

GET uwt.js
static.ads-twitter.com/ 0
0

GET iztag.js
tags.inzynk.io/0ulh3gex/ 0
0

GET px
secure.adnxs.com/ 0
0

GET seg
ib.adnxs.com/ 0
0

GET
H/1.1 200
OK footer-links.json Show response
www.fortinet.com/content/dam/fortinet-blog/ 310 KB
36 KB 174ms
174ms XHR
application/json 2600:1f16:160:aa02:4c34:efb7:29af:4543
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortinet.com/content/dam/fortinet-blog/footer-links.json

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f16:160:aa02:4c34:efb7:29af:4543 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9c2bfadf1fe546bd3872bf81e8477e95faff0104f3b9b888bc47cff4ffe88a36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Dispatcher: dispatcher1uswest1-28559594
Date: Tue, 23 Jul 2024 19:16:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://www.fortinet.com
Content-Encoding: gzip
Via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CMH68-P1
X-Vhost: publish
X-Cache: Hit from cloudfront
Age: 493780
Connection: keep-alive
Content-Length: 35378
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2024 18:24:37 GMT
Server: Apache
ETag: "4d8dc-61d89b0f78340-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Accept-Ranges: bytes
X-Amz-Cf-Id: Q8-rlue7mIQ6rZy-mVW6Ps05IL_JAQbY2TMv6EEeZ_7m7SFsSuEBRw==

GET

exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9257585198521.613
10104846.fls.doubleclick.net/activityi;dc_pre=CObe4NPKv4cDFcHl_QUdgloH5g;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ Frame 9D42
Redirect Chain

https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;d...
https://10104846.fls.doubleclick.net/activityi;dc_pre=CObe4NPKv4cDFcHl_QUdgloH5g;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-st...

0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 657ms
97ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 11:34:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=13, mss=1392, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: d35z9T6qBD1acw2hvBFDXNDAtWtPnDFQg1IhHxm7fyNb+J1zvbFs6K/ErmkmFwneMNDoZqWWje9UMTc/C52T2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 siteanalyze_6033413.js Show response
siteimproveanalytics.com/js/ 36 KB
12 KB 355ms
95ms Script
application/javascript 2606:4700:3030::ac43:a3ed

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6033413.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a3ed -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e171f597c12bd7813408cabb76395c783e04c8aa8a0a57416a120ac026e5acf5

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:48 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7YNC0BGZ0BR84DJM
age: 2967
alt-svc: h3=":443"; ma=86400
content-length: 11242
x-amz-id-2: M71Ka/ADdlqlD7+8iH2bcZvNBemHIkoK6laVpg3OiAbOS+L1Txu9xnlljtfYZMkQl+2mv1/2twE=
last-modified: Sat, 29 Jun 2024 00:03:14 GMT
server: cloudflare
etag: "60402ae40e703f919eeaab313f154e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5XUhkfMaIcqSB4yGHlRAtQ%2BQM3khV0vd28DXVgyTbWvo9u%2BD%2BcMbzzxlbWKVXjIIhDfuUyoITsO3dunnfWskQ9RmQdk6UuvqBt7Af%2BVjYtloU5o7rt6CCXNXZdO3341GUzUOMCU3DA1Cn%2FtYRtUIRnQyHVG%2ByI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8a839a69596b8c39-EWR

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 95ms
95ms Image
image/gif 23.212.248.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=82e0263c-db0a-496c-8ab9-597a741c414e&session=eab8d557-9691-4906-8f94-eaefb848dd36&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A34%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2024%20Jul%202024%2011%3A34%3A47%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22FortiGuard%20Labs%20has%20observed%20a%20stealer%20campaign%20spreading%20multiple%20files%20that%20exploit%20CVE-2024-21412%20to%20download%20malicious%20executable%20files.%20Read%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pageViewId=40a7a206-94f4-44aa-8ebe-7852c7a2687c&ipv6=2600%3A803%3Aa88%3A3197%3A%3A197&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.248.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-248-22.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 24 Jul 2024 11:34:48 GMT

GET
H2 200 s76663400755025
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.26.0-LDQM/ 43 B
373 B 533ms
165ms Image
image/gif 63.140.39.117

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.26.0-LDQM/s76663400755025?AQB=1&ndh=1&pf=1&t=24%2F6%2F2024%201%3A34%3A48%203%20600&sdid=6705500A3C48F46C-4C27138570E3402C&mid=05634288570772633501637940165357573808&aamlh=7&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aexploiting-cve-2024-21412-stealer-campaign-unleashed&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&cc=USD&events=event3&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&v3=%2B1&c7=Entire%20Site&c8=New&v25=05634288570772633501637940165357573808&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aexploiting-cve-2024-21412-stealer-campaign-unleashed&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.117 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2024 11:34:48 GMT
server: jag
etag: 3697582202624606208-4618627999478851665
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 23 Jul 2024 11:34:48 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
969 B 530ms
174ms Script
application/javascript 2600:1408:c400:5::17c7:3719

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 -, , ASN (),

Reverse DNS

Software

Resource Hash

89333b6a52d61646b071d1dec1a49c6a5a734096eb5ec9183ef08b42c9cfbe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:21:40 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=64724
accept-ranges: bytes
content-length: 759

GET
H2 200 tag.aspx Show response
ml314.com/ 37 KB
12 KB 403ms
95ms Script
application/javascript 34.117.77.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?246
Requested by: Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:10:42 GMT
via: 1.1 google
content-encoding: br
age: 1447
x-guploader-uploadid: AHxI1nMS2YNekb_qyp2Fcx_vbfjxc-YZI8Sinyq-fLbPxYIIoT3cvDVRsYTT3UEcS4CEQqy1eiE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12140
last-modified: Wed, 12 Jun 2024 23:47:10 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1718236030191817
x-goog-hash: crc32c=jdP4zA==, md5=YRx2m1aKFpugF5vA5Ps9ng==
content-type: application/javascript
cache-id: LGA-991dec68
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 37568
accept-ranges: bytes

GET image.aspx
6033413.global.siteimproveanalytics.io/ 0
0

GET
H2 200 177020962864941 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/177020962864941?v=2.9.162&r=stable&domain=www.fortinet.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

8faa00fe604f9f30cef70e7242445d28716037d505d4b46c68768c0a3913068f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 11:34:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12430
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=61, mss=1392, tbw=64190, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: XtcuIeE9vXyj36LzZNF3INf/O913LcmjnL2oG6NfL9RBlsDpLPi6O72ou40pYKVcOUBFEcY85VqabAgz+yfrdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 684 B
1 KB 113ms
112ms Script
application/javascript 34.117.77.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=54820&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&pv=1721820889130_eyaz0xty1&bl=en-us&cb=1358147&return=&ht=&d=&dc=&si=1721820889130_eyaz0xty1&cid=&s=1600x1200&rp=&v=2.7.3.180
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 67074ca9e9af66ddf1db5892a3ff0294d12dde2901cc65fa8ff29266cfe9cc39

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 11:34:49 GMT
via: 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 40 KB
0 113ms
113ms Script
application/javascript 2600:1408:c400:5::17c7:3719

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fortinet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 11:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2024 10:02:06 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=64145
accept-ranges: bytes
content-length: 14597

GET ibs:dpid=22052&dpuuid=3645797616192061453&redir=
dpm.demdex.net/ 0
0

GET 395886.gif
idsync.rlcdn.com/ 0
0

GET generic
match.adsrvr.org/track/cmf/ 0
0

GET tp=BOMB
sync.crwdcntrl.net/map/c=6985/ 0
0

GET pixel
ps.eyeota.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: epsilon.6sense.com
URL: https://epsilon.6sense.com/v3/company/details

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/?random=1721820887895&cv=11&fst=1721820887895&bg=ffffff&guid=ON&async=1&gtm=45be47h0v887005625za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1087176710.1721820888&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;src=10050195;npa=0;auiddc=1087176710.1721820888;ps=1;pcor=1535081051;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=10050195;npa=0;auiddc=1087176710.1721820888;ps=1;pcor=1535081051;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9185241837za200zb9123037237;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed?

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/?random=1721820887989&cv=11&fst=1721820887989&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1087176710.1721820888&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/?random=1721820888017&cv=11&fst=1721820888017&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200zb9123037237&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&hn=www.googleadservices.com&frm=0&tiba=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=1087176710.1721820888&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Domain: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.css

Domain: api.omappapi.com
URL: https://api.omappapi.com/v2/embed/39852?d=fortinet.com

Domain: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js

Domain: abm-tracking.demandscience.com
URL: https://abm-tracking.demandscience.com/tag.js

Domain: tmp.argusplatform.com
URL: https://tmp.argusplatform.com/js/wid.tracker.js

Domain: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1629896&mt_adid=260855&mt_exem=&mt_excl=&v2=&v3=&s1=&s2=&s3=&v1=en:blog:threat-research:exploiting-cve-2024-21412-stealer-campaign-unleashed

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JH142QCQCJ&l=dataLayer&cx=c

Domain: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32336&tdr=&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&cb=96212520553980480term=value

Domain: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Domain: tags.inzynk.io
URL: https://tags.inzynk.io/0ulh3gex/iztag.js

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/px?id=1773420&t=2

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/seg?add=36113683

Domain: 10104846.fls.doubleclick.net
URL: https://10104846.fls.doubleclick.net/activityi;dc_pre=CObe4NPKv4cDFcHl_QUdgloH5g;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9257585198521.613?

Domain: 6033413.global.siteimproveanalytics.io
URL: https://6033413.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&title=Exploiting%20CVE-2024-21412%3A%20A%20Stealer%20Campaign%20Unleashed%20%7C%20FortiGuard%20Labs&res=1600x1200&accountid=6033413&rt=6630&prev=a0c2c128-9cff-9cef-6a31-39cafa7a1b03&luid=c17197dc-879b-e06c-7d6b-af787cb5c863&rnd=88810

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&rl=&if=false&ts=1721820889157&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721820889155.488197711851526799&ler=empty&cdl=API_unavailable&it=1721820889004&coo=false&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&rl=&if=false&ts=1721820889157&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721820889155.488197711851526799&ler=empty&cdl=API_unavailable&it=1721820889004&coo=false&rqm=FGET

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3645797616192061453&redir=

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/395886.gif?partner_uid=3645797616192061453

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3645797616192061453

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fortinet.com/	1970-01-21 07:02:36	Name: cookiesession1 Value: 678A3E2CB0F073B2D8D7D63B439DC34F
.fortinet.com/	1970-01-21 07:02:36	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Jul+24+2024+01%3A34%3A45+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.10.0&hosts=&consentId=5259a20d-917c-4b5f-a1cc-c23a9b2bf1fe&interactionCount=0&landingPath=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fexploiting-cve-2024-21412-stealer-campaign-unleashed&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.fortinet.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-21 02:36:12	Name: demdex Value: 05290515631624218861602441434002732856
.fortinet.com/	1969-12-31 23:59:59	Name: AMCVS_ED8739F75677FE917F000101%40AdobeOrg Value: 1
.fortinet.com/	1970-01-20 22:17:02	Name: mboxEdgeCluster Value: 34
.fortinet.com/	1970-01-21 07:53:00	Name: mbox Value: session#5b05643c319948d8a84ba6e0d438f94b#1721822747\|PC#5b05643c319948d8a84ba6e0d438f94b.34_0#1785065687
.dpm.demdex.net/	1970-01-21 02:36:12	Name: dpm Value: 05290515631624218861602441434002732856
.fortinet.com/	1970-01-21 07:53:00	Name: AMCV_ED8739F75677FE917F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19929%7CMCMID%7C05634288570772633501637940165357573808%7CMCAAMLH-1722425685%7C7%7CMCAAMB-1722425685%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1721828085s%7CNONE%7CMCSYNCSOP%7C411-19936%7CvVersion%7C5.5.0
www.fortinet.com/	1970-01-20 22:27:05	Name: AWSALB Value: 2vgh5eE6eKtfkLKKR0Hz1b9ATwEZ4NtraSyGHC0udUfUH9TKeJrlrRQmptRhn+SVm4wxNDckB+zFPOZxw75teSbtjsQ9uPBU9v+6GCduyeOsi37ZhimWoUBp72Zsrgj9P261FrosirWmH6K1q9tbdFfC7tYYQFlU+lm2T77+QNYZCdabMSYwziKg7k17H8UDorEqqd5RcAbdd9cKwwZUK16AU4reMlgB
www.fortinet.com/	1970-01-20 22:27:05	Name: AWSALBCORS Value: 4+BoqOU2tknG/z90OJj9s4zppF/cNyCys1s/HhCtLgg2+Ytl0uH8XhO1QhVPUK+qL5kU3CnrTJQGGGKHQIMt3/TUHewY8azq8ofv/tol0D5DE6oI0dE23YUjWaDosbWAnnOWzEKgHlLQG/aXkl9Tox7HgdbkNlNoPsLBJ7D8epa320oVM7vU407+axdi1/1F6rHH8m+rKQVc+OolyxayTAbqAJxYYzOi
www.fortinet.com/	1970-01-21 07:53:00	Name: _gd_visitor Value: 82e0263c-db0a-496c-8ab9-597a741c414e
www.fortinet.com/	1970-01-20 22:17:15	Name: _gd_session Value: eab8d557-9691-4906-8f94-eaefb848dd36
.fortinet.com/	1970-01-21 00:26:36	Name: _gcl_au Value: 1.1.1087176710.1721820888
.fortinet.com/	1970-01-20 22:18:27	Name: _uetsid Value: bb4a0e7049b011efa9307789cd1a066f
.fortinet.com/	1970-01-21 07:38:36	Name: _uetvid Value: bb4a584049b011ef8a71af2953eb2335
.bing.com/	1970-01-21 07:38:36	Name: MUID Value: 247A073B129765101D3313FD13F864DB
.bat.bing.com/	1970-01-20 22:27:05	Name: MR Value: 0
www.fortinet.com/	1970-01-20 22:17:01	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1721820888106%7D
www.fortinet.com/	1970-01-21 07:53:00	Name: _omappvp Value: 97IWp7hIG3rErNND8POxPdlAEOPvcQF4OyEcvW76djbqZZffHi5laB6jT5lbQms3dnGgd3RD2cDWpqjEScVXoO7uWQXevZyh
www.fortinet.com/	1970-01-20 22:17:02	Name: _omappvs Value: 1721820888204

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10104846.fls.doubleclick.net
6033413.global.siteimproveanalytics.io
a.omappapi.com
a.opmnstr.com
abm-tracking.demandscience.com
ad.doubleclick.net
amplify.outbrain.com
api.omappapi.com
assets.adobedtm.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.cookielaw.org
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
dx.mountain.com
epsilon.6sense.com
fortinet.demdex.net
fortinet.tt.omtrdc.net
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
ipv6.6sc.co
j.6sc.co
match.adsrvr.org
metrics.fortinet.com
ml314.com
pixel.mathtag.com
ps.eyeota.net
script.crazyegg.com
secure.adnxs.com
siteimproveanalytics.com
snap.licdn.com
static.ads-twitter.com
sync.crwdcntrl.net
tags.inzynk.io
tmp.argusplatform.com
tr.outbrain.com
trk.techtarget.com
wave.outbrain.com
www.facebook.com
www.fortinet.com
www.googletagmanager.com
10104846.fls.doubleclick.net
6033413.global.siteimproveanalytics.io
a.omappapi.com
abm-tracking.demandscience.com
ad.doubleclick.net
api.omappapi.com
dpm.demdex.net
dx.mountain.com
epsilon.6sense.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
pixel.mathtag.com
ps.eyeota.net
secure.adnxs.com
static.ads-twitter.com
sync.crwdcntrl.net
tags.inzynk.io
tmp.argusplatform.com
trk.techtarget.com
www.facebook.com
www.googletagmanager.com
13.248.142.121
18.205.181.228
23.212.248.22
23.221.241.188
2400:52e0:1a00::1206:2
2600:1408:c400:5::17c7:3719
2600:1408:c400:98f::1e80
2600:1408:c400:d::17cd:6a49
2600:1f16:160:aa02:4c34:efb7:29af:4543
2606:4700:3030::ac43:a3ed
2606:4700:4400::6812:2089
2606:4700::6813:9308
2606:4700::6813:b134
2607:f8b0:4004:c1f::61
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
3.213.66.237
34.117.77.79
34.193.67.242
63.140.38.217
63.140.39.117
64.202.112.255
05b1d251b44fdd42bd27a73eb373440c9957297292c3f13a677eb908648486ee
09edcbeb6bb1f2361271a99cb3369ee93e55c21a4985d8f5cfed37af10d6729d
0b2969b20d4b33763f23481f2dc0f0626a93fdd567798412bf891890047398a3
0e5f18649f61dd74f9caf157048d64c16ceb0fd2e8b54ed9e3c6ff1ebf22bd24
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
114ed516604e98cd030c85d1be345541019326d2f32bb784626fb13ad57f8744
13c309d0ebac3484b78106413ee31f46abfc690429c64ddf6ceb1b1838424ada
14ab272acece0b7aab916147adc3e64fb3a6a0ea3477a7eb12b27a8ca8fd3be4
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d7b331a045e0921f57a7aca33a2be27539027cc5b1ded6de5ad38263eddf8a3
1e91c990301e6c54d07d12600708b25a5861c6da4256c63bcb22bf1f0c5d81b8
262c76a939f7c2d543b0f5669d8958b82954e14e17d79ced7848cd51a36e6b1d
30ddee8ebf0ffd7c415585a9e3a0e8023deb80ed05b857a4427dbb75790c43bd
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
37fd820b496a40f0f5783b425ed0c873d7913a576c0f246e869c5a2be58f787e
3aec02b24881b79afb8d121953096fd5754b07c8d26a295bcd900b0833183933
3e63ed3b834f3a6961e1476a3dfadffb78212feac2bf804352a6926091b4c828
3f36cb484213cafc798ef594c00ffdc27156f0106c63b539c3464bae355fb82a
3f57193ed9b7928c36cb710ac6a4af1583023f928914c094db4995420f7e3a54
404669b3d94f951d5e005752766d9f4e60dc4f44c7aeda8b491f204f71b760af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480e3b349655b6f17b20ec546c300957cad9ffd98b2d29be29db79422ededc52
4b1dfdf84f81ccef7d37fc96dfd2358c87a40a04b20f063179f2c87fc1d3d382
4dba9e54570483a0624219ec53864f468c9cbdf4f9c1f23821e539de7cb0c9fc
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
59faeec7cd3ce8eba6b26823c7dd41512a380a8c3329aa0ae0270a72f4645d08
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
663fcd2b41d75e07e72ea2622d80566bcf10f1951f7293217d5fd9c9e3e542d8
67074ca9e9af66ddf1db5892a3ff0294d12dde2901cc65fa8ff29266cfe9cc39
6741b10dd5b1580642a0aa204377a8fb50c2dd86c38fd4cd07e2319eefaa93d7
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
733af1f9f161901223beb471b1e2b6127d63a2122163dfd3fddbed986d7a7340
770be267abb4fe287bf67c2fdbdf4f14556632b8e07a6d464e58ca56e3e33474
773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7ad0607daba7c0ddecacb3c696099e761076f147549440a7b3c4baa8f67ddaac
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
7c951a4408b8eb47ecea22bc965c50addb9e027eed0d48b1248869d967967ceb
8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e
855f75e3c59ecf05751e400ad7f8ef021ab050a882b7c4861a187c9475c16dbc
8883bc0b8dd0d8b6e1f37046e643e3487484913aae5fedbb41b9c0c059ecf123
89333b6a52d61646b071d1dec1a49c6a5a734096eb5ec9183ef08b42c9cfbe50
895f6b9e5d37c494c7c8ebf30eade521c286b27001d256e3a37f5ac27684a57d
8996c65493d0892ad859c51e0b8bc630154cc6787f3cca108ab29fb9211bfa8f
8998282f5a80fff5eaafdbd457dd7a81af0cd7c8696bfe032a6aeef8fe67f99f
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8db92e7cdc1ad40168c42e93b05d842e056d8a5b83ae96b95d2b1c546f828196
8faa00fe604f9f30cef70e7242445d28716037d505d4b46c68768c0a3913068f
93f1175b9eb9dcdf7cc89fb8a0049b1734aead76c4e9a71ce2e74c6659dfc7a2
9453297b8c031ffe12f292174750cabd95f6069010d7dfb77e3e840f462706e1
94633716497a85d800b6e573953942c4cfe483c0dbd68fa97fd01dd97ced5d66
985071e89e5076c1b93d2b9ba507a2e890236ef8e3eaea519c7b2bc364cf84df
9c2bfadf1fe546bd3872bf81e8477e95faff0104f3b9b888bc47cff4ffe88a36
9e127a551b1d872db037fb1c551f032ffb34217f160a6906918f720cae169575
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a98a9441db98144c6e8c4ab37c72e26786065a15dfb36a9231be938f76984c4f
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b5b4fea0f2608d0f0cafdee0e2b00ae659b091c6d18eda7fe291e636ba3f353c
b64cae93d3398a9d5da33d3728f714a222df73943f87b81b7f2c49d58e2794ef
b8bd6ae17f88486fa86c4acb7f2190d93bcbdd5e223e55b46273cb0eb0a05878
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bdfd8a95ffd68d8bc7149ea79a3ca8a1869fe507a42e4f7a368f626843346e89
bec82187bec72da82a4eed1c0c3624ac495ca960b7286da80815db9b5c43777e
bedf62e46e59fa272ad95971fb563c91a33501c2443058083872960861534da7
bf75adb4dce36bece1ce5451a9fb6d4fbd65ee72fc074b55ca676f2d8898da5b
c149801047c223a4b0561fa5031f157ec17c2d1fa748d94b8d5a07f0b15396c3
c1ccdda10c297d3aeedbe2fa72700c5f49bdf9e102090c2d62775ec3c964e078
c1f6998325537213639d6576ede84d0ae68168adf72672b0e39e70de8a977fcf
c800888331e0e31f317acc8de442b6a71340d4f0d4f3db9dbb7f8e4b3172e84e
d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
d1fe20aff60f91b78aabd65363112fbc84a8e7c8dd0c258bb1aae48cc4e4879c
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
da05fe7840659b4f64ec6d40d52bfa9c403b6f9f3a3a8f89e310557037802fcb
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e0f9a49b3445df93031ef8414eab4c9266e8e6aefc9594c8b3f49376f57ee97c
e171f597c12bd7813408cabb76395c783e04c8aa8a0a57416a120ac026e5acf5
e2d910265020b45a6878d4b62b104bc4cfbcf7554e7386d81aef7a0ae208048e
e3a54e557f40c9a8528562f5f9fe39cb3fce5ad1e3f4238ec791c17961645240
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebd0b0892d3b17adc658369a10ebfe9abcd4883fd08bb047fd66dd459edd4481
ec425cce7010294e5d2601a098dabc3e75536351f58e07ada250c8642934fb8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f27e29d30ac4679f737342af5cbb1bf5f39c043ec24528f208535ece9f78d3d6
f41e718277c296a77a6259da8cadd84b5f195d21ea0a6eb36442de9217613c2f
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68
fcce7b7353be95b84f177e00cd497eb4e485606e88cf17a5d836ee6c0f1f0f20
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.fortinet.com Open in urlscan Pro 2600:1f16:160:aa02:4c34:efb7:29af:4543 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

78 %HTTPS

55 %IPv6

34 Domains

45 Subdomains

22 IPs

1 Countries

7113 kBTransfer

10205 kBSize

21 Cookies

9 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fortinet.com Open in urlscan Pro
2600:1f16:160:aa02:4c34:efb7:29af:4543 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

78 %
HTTPS

55 %
IPv6

34
Domains

45
Subdomains

22
IPs

1
Countries

7113 kB
Transfer

10205 kB
Size

21
Cookies

125 HTTP transactions
2 data transactions