securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Submission: On February 11 via api (February 11th 2021, 9:59:11 am UTC) from US

Summary HTTP 212 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 38 domains to perform 212 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.

This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2001:8d8:100f... 2001:8d8:100f:f000::289	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:206... 2600:9000:206f:c400:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:9e00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
35	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
5	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
10	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:2111:d800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	104.90.192.189 104.90.192.189	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.107.72 2.16.107.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:2800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.195.238.30 18.195.238.30	16509 (AMAZON-02) (AMAZON-02)
1	2.21.242.187 2.21.242.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	52.201.98.35 52.201.98.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:42d... 2600:1f18:42df:3a01:6221:c1c3:43e5:87c9	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2606:4700:20:... 2606:4700:20::681a:b9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.52.52.5 52.52.52.5	16509 (AMAZON-02) (AMAZON-02)
3 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	157.245.94.128 157.245.94.128	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
3 5	18.200.32.159 18.200.32.159	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.185 184.30.20.185	16625 (AKAMAI-AS) (AKAMAI-AS)
7	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3 3	35.156.223.207 35.156.223.207	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1 1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1 1	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
212	45

44 2001:8d8:100f:f000::289 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

securityaffairs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9e00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 184.30.24.22 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2111:d800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-189.deploy.static.akamaitechnologies.com

adservetx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.72 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-72.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.238.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-238-30.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.242.187 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-242-187.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.201.98.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-98-35.compute-1.amazonaws.com

dt.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:42df:3a01:6221:c1c3:43e5:87c9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:b9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.198 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.52.52.5 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-52-5.us-west-1.compute.amazonaws.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.94.128 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebidserver.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.200.32.159 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-32-159.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.185 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.223.207 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.51.194 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.69 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	securityaffairs.co securityaffairs.co	1 MB
42	media.net contextual.media.net adservetx.media.net lg3.media.net navvy.media.net	440 KB
14	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com prebidserver.pixfuture.com	949 KB
13	clnmde.com dt.clnmde.com dt6.clnmde.com	4 KB
12	wp.com i0.wp.com i1.wp.com i2.wp.com stats.wp.com pixel.wp.com	45 KB
9	googlesyndication.com 246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	36 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	233 KB
9	criteo.com 3 redirects gum.criteo.com mug.criteo.com	4 KB
8	sonobi.com apex.go.sonobi.com Failed sync.go.sonobi.com	9 KB
5	adsrvr.org 3 redirects match.adsrvr.org	3 KB
5	ampproject.org cdn.ampproject.org	98 KB
5	sharethis.com ws.sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	41 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com Failed	169 KB
4	google-analytics.com www.google-analytics.com google-analytics.com	38 KB
4	twitter.com platform.twitter.com	31 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	google.com 1 redirects adservice.google.com www.google.com	342 B
3	akamaihd.net pxlclnmdecom-a.akamaihd.net qsearch-a.akamaihd.net	34 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	contextweb.com 2 redirects bh.contextweb.com	1 KB
2	rlcdn.com api.rlcdn.com	268 B
2	adnxs.com ib.adnxs.com Failed acdn.adnxs.com	718 B
2	openx.net pixfuture2-d.openx.net Failed eu-u.openx.net	360 B
2	googletagservices.com www.googletagservices.com	38 KB
2	w.org s.w.org	1 KB
2	facebook.net connect.facebook.net	62 KB
1	mathtag.com 1 redirects sync.mathtag.com	601 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	601 B
1	rfihub.com 1 redirects p.rfihub.com	716 B
1	google.ch adservice.google.ch	803 B
1	mgid.com 1 redirects cm.mgid.com	972 B
1	yahoo.com c2shb.ssp.yahoo.com	661 B
1	gravatar.com secure.gravatar.com	1 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
0	googleapis.com Failed fonts.googleapis.com Failed
212	38

	Domain	Requested by
44	securityaffairs.co	securityaffairs.co
20	contextual.media.net	securityaffairs.co contextual.media.net
15	lg3.media.net	securityaffairs.co contextual.media.net
12	dt.clnmde.com	pxlclnmdecom-a.akamaihd.net securityaffairs.co
7	sync.go.sonobi.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net securityaffairs.co tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com cdn.pixfuture.com securepubads.g.doubleclick.net securityaffairs.co
6	navvy.media.net	contextual.media.net
6	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com securityaffairs.co
5	match.adsrvr.org	3 redirects cdn.pixfuture.com ads.pubmatic.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	gum.criteo.com	3 redirects cdn.pixfuture.com
5	served-by.pixfuture.com	securityaffairs.co served-by.pixfuture.com
4	mug.criteo.com	securityaffairs.co
4	i1.wp.com	securityaffairs.co
4	platform.twitter.com	securityaffairs.co platform.twitter.com
3	x.bidswitch.net	3 redirects
3	prebidserver.pixfuture.com	cdn.pixfuture.com
3	ads.pubmatic.com	securityaffairs.co cdn.pixfuture.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	i2.wp.com	securityaffairs.co
3	i0.wp.com	securityaffairs.co
2	sync.1rx.io	2 redirects
2	ads.creative-serving.com	2 redirects
2	bh.contextweb.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	api.rlcdn.com	cdn.pixfuture.com ads.pubmatic.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com	1 redirects securityaffairs.co
2	www.googletagservices.com	securityaffairs.co
2	s.w.org	securityaffairs.co
2	l.sharethis.com	ws.sharethis.com securityaffairs.co
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	connect.facebook.net	securityaffairs.co connect.facebook.net
1	sync.mathtag.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	p.rfihub.com	1 redirects
1	eu-u.openx.net	cdn.pixfuture.com
1	acdn.adnxs.com	cdn.pixfuture.com
1	googleads.g.doubleclick.net	securityaffairs.co
1	246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	cm.mgid.com	1 redirects
1	c2shb.ssp.yahoo.com	cdn.pixfuture.com
1	hbopenbid.pubmatic.com	cdn.pixfuture.com
1	ib.adnxs.com	cdn.pixfuture.com
1	apex.go.sonobi.com	cdn.pixfuture.com
1	pixfuture2-d.openx.net	cdn.pixfuture.com
1	pixel.wp.com	securityaffairs.co
1	secure.gravatar.com	securityaffairs.co
1	dt6.clnmde.com	securityaffairs.co
1	qsearch-a.akamaihd.net	securityaffairs.co
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	adservetx.media.net	contextual.media.net
1	google-analytics.com	securityaffairs.co
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.co
1	platform-api.sharethis.com	securityaffairs.co
1	ws.sharethis.com	securityaffairs.co
1	maxcdn.bootstrapcdn.com	securityaffairs.co
1	www.googletagmanager.com	securityaffairs.co
0	fonts.googleapis.com Failed	securityaffairs.co
212	63

This site contains links to these domains. Also see Links.

Domain
www.fortiguard.com
www.ptsecurity.com
www.linkedin.com
www.facebook.com
twitter.com
reddit.com
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
www.securityaffairs.co GeoTrust RSA CA 2018	`2020-03-08` - `2021-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.clnmde.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
dt6.clnmde.com Amazon	`2020-04-27` - `2021-05-27`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-09-18` - `2021-03-17`	6 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.ch GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Frame ID: A9F5F5CEADCE51DB31C27E33AF853D9D
Requests: 112 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 6FA16FB2FEA1B69DE072F174E4F034A5
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Frame ID: F67A427024EE7C304EC17581265BF493
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Frame ID: DE7BB2B31FD4357B10CF9C3F95DAEE57
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Frame ID: EB9ACBA5ABE3640664DB2157CD576C76
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: D98E4C6065C1D29716EB67FB637E8211
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fsecurityaffairs.co
Frame ID: 2C7C464516259D4C3B9C6EECB4B59A35
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 6ABE11444A5F0559DD2B6E343FC9446F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: C1E357FCD5AFD59B4C8E3EFADEEE139C
Requests: 29 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1357316793753362433&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=889aa01%3A1612811843556&width=500px
Frame ID: 23AC788D8064F126EEEDD8F0E51EC674
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: C4043E62E800CCE92AB0FEDB7AD3C0AD
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: BA92D09D3D1F8BD68D94E17BEFA72027
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: CC176F52C92CF84481D1B714D15E04F7
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: ACF8AE96D6EF6E3037CB77B26325C6B2
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: 31E5DCDBFBD6ED72D31049DA8BF71E19
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: DE0504295867198C2ABD613C4CD40B83
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DA1E27D9849EA386A27A6E34EDF4BAA1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 997F4DB9511FFB4FCD863571C3FA7B6E
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5D62F10D74D93FA89495ADBC3620A7E2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 639AF75F3C157F358CE42AFB24ABCA61
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 957F680415C5CC8FFD1B41C5D5ED9704
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D35630B863FEF72BB2C6623639EC9F38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

212
Requests

95 %
HTTPS

38 %
IPv6

38
Domains

63
Subdomains

45
IPs

7
Countries

3477 kB
Transfer

6197 kB
Size

19
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fortiguard.com/psirt/FG-IR-20-122
Title: addressed four vulnerabilities

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/psirt/FG-IR-20-124
Title: CVE-2020-29015

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/psirt/FG-IR-20-125
Title: CVE-2020-29016

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/psirt/FG-IR-20-126
Title: CVE-2020-29019

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/psirt/FG-IR-20-123
Title: CVE-2020-29018

Search URL Search Domain Scan URL

URL: https://www.ptsecurity.com/ww-en/about/news/fortinet-fixes-vulnerabilities-discovered-by-positive-technologies/
Title: Andrey Medov at Positive Technologies explains

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html&text=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%20
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html&title=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&media=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=o5bHZnxnNi8rR1VZUkdrblA4cWJSeXE1MUhIQnhRZ1NUaGYvaFNUQmZzSldCZzY1MTJIbkR6K1ZqZ1c4cmc4Z2RUZGRTVHRuTmFLZUtJZ1kxRkFwczFjYXpIMTJzdjU1Qk5tTjgzd0pLK0pXSVQ1eUczYWQxQzlqRS9lbWdmcnV1MCsvek9DMU5WdU9NZmtudTdKV0JzU1VqS2FwZHQzd245aEhLaHE3UG5LSWZIWHNkdlRzalpLSklXT0lHZ2hsdlZRYVN2K2N4c3BFS052VXBHSWlOSWtKaGFveldBajRBODRvVHloNmkzYTV3Z3BVPXw&cppv=2

Request Chain 139

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sqlUg3xGalNmSm9ac3pERWM0ckRnaE5BK3NYeFBtajljOHkvUTAyeEQ4VlZXYzVxSXptSzF1V2U5SHg0bGtFUi9hM2Z2U2d2Ykxsck5zeEtGWWptOG1kZUtIK1JIOEM2VFVGbjBhSGVzRk90M3ljYXR5K3lobXFYTzRtNGxKKzAzOVJweHRXeGFPZk1tK2o4U21hbXVOWUlFODJ4aURyT3dzd3hYOURZRldpQlhTUnJNM3R1OG9qejFFOG5oRzkvTUZMQWtoVmQ0RVJlYlp6YWNMay9RQzVucE92Z3Y5bWdURHRqdGdkdDRONjhqeldZPXw&cppv=2

Request Chain 165

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=jXeUpXxCcmY3Ujk3OW1SdVlyNEExUm1WOVBNUVpMeXl3Z3N2UGtrMmV3UHZMdXJuRHhwa0l6Qjk0d1BaeXp4SEtvNXZlMjYrNm5GdyszbHRIWHNOZC9WTEtmVHEwaUdRWFJ1M2FLc1RBZmJoZ2xUZEZqUjZVSTVTRHozQk5qY1lxNmI5NitJZXVETGVBblBzQ3RKVXFQZk5yT2thbG1PeENNL3NtQVArQi9yOTFQbDBnTmw5cHJUUWtjQWxSZDhtSENaRGpwQ0lRU3VtWVgxWTZCL1JxOER6YzhTa0pqNzB3a0JFejJHV1orNzMvc3JzPXw&cppv=2

Request Chain 176

https://cm.mgid.com/m?cdsp=363893&adu=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dmgid%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%7Bmuidn%7D HTTP 301
https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=l1bS4C1b42W1

Request Chain 203

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 209

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=1cef4122-68b2-4e07-a4c6-04a92d899c77&pubid=0b24fdfc82

Request Chain 210

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471592425439203

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NjNlYmJkOWMtNjIwMy00MDA3LTkxMWEtYTE0MWZhZjRkYzA1 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESELFIGbYaMjFD48pGfVLvvLo&google_cver=1

Request Chain 212

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=63ebbd9c-6203-4007-911a-a141faf4dc05&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bFh4cWtJNnBxakx4VE5wa08yeExUdw&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOLIDw3orBQBYrh9r0B95mI&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=5nqnAGyWlnX4

Request Chain 213

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=60a3d172-4d9b-48a0-b7df-5d27abe641f6 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=60a3d172-4d9b-48a0-b7df-5d27abe641f6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=6936ae6f-568b-4284-a578-8ad86003c799&ssp=sonobi&expires=30&user_group=5&bsw_param=60a3d172-4d9b-48a0-b7df-5d27abe641f6 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60a3d172-4d9b-48a0-b7df-5d27abe641f6

Request Chain 214

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2967823111 HTTP 302
https://sync.1rx.io/usersync/tradedesk/1cef4122-68b2-4e07-a4c6-04a92d899c77 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2b94950d-8829-471e-935d-eb64f947c2af-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-2b94950d-8829-471e-935d-eb64f947c2af-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-2b94950d-8829-471e-935d-eb64f947c2af-003

Request Chain 215

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3a076024-ffdf-4900-8233-b12d3c511f14

212 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fortinet-fortiweb-flaws.html Show response
securityaffairs.co/wordpress/114233/hacking/ 86 KB
24 KB 1649ms
1615ms Document
text/html 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: f50163f76459c7f03c069fe703f151d6c833387c08019e3ca48fa762242ffffb

Request headers

:method: GET
:authority: securityaffairs.co
:scheme: https
:path: /wordpress/114233/hacking/fortinet-fortiweb-flaws.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 11 Feb 2021 09:58:49 GMT
server: Apache
x-powered-by: PHP/7.2.34
x-pingback: https://securityaffairs.co/wordpress/xmlrpc.php
link: <https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/114233>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=114233>; rel=shortlink
set-cookie: cookielawinfo-checkbox-necessary=yes; expires=Thu, 11-Feb-2021 10:58:51 GMT; Max-Age=3600; path=/ cookielawinfo-checkbox-non-necessary=yes; expires=Thu, 11-Feb-2021 10:58:51 GMT; Max-Age=3600; path=/
content-encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 25ms
18ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c904ae145137bcd692647cce265539739e8ffd9f68bf1b9ec71c08abb7e8dcf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39236
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Feb 2021 09:58:51 GMT

GET
H2 200 style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 61 KB
61 KB 60ms
53ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 8c43e551763d3628fab88767caacb3188f69afa8d1290cf3f9d61ab09cb56073

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 09 Dec 2020 23:30:59 GMT
server: Apache
accept-ranges: bytes
etag: "f520-5b61073a99e2a"
content-length: 62752
content-type: text/css

GET
H2 200 cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 3 KB
3 KB 56ms
49ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.9.5
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2020 23:05:49 GMT
server: Apache
accept-ranges: bytes
etag: "c25-5b69cea81443a"
content-length: 3109
content-type: text/css

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 27 KB
27 KB 74ms
67ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.9.5
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: d44b68c7b3e659196a6a72662f4e2e903044d6e64a6a5c0002602711cd68a8fa

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2020 23:05:49 GMT
server: Apache
accept-ranges: bytes
etag: "6cdf-5b69cea81443a"
content-length: 27871
content-type: text/css

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 36ms
14ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=688ce3e49e5ecefa1cd650833f2ac646

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H2 200 frontend.css
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 7 KB
7 KB 71ms
65ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.css?ver=1613037531
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 24583638f8c4bd2d5dff22bddefbb24f8d047868e71ad2c029b1698b6926c85c

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 10 Feb 2021 22:39:15 GMT
server: Apache
accept-ranges: bytes
etag: "1c69-5bb0312a4205b"
content-length: 7273
content-type: text/css

GET
H2 200 custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 19 KB
20 KB 76ms
70ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: Apache
accept-ranges: bytes
etag: "4d92-52704407f72c0"
content-length: 19858
content-type: text/css

GET
H2 200 tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 539 B
683 B 76ms
70ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
accept-ranges: bytes
etag: "21b-526fe6d7cd700"
content-length: 539
content-type: text/css

GET
H2 200 flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 6 KB
6 KB 76ms
71ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "1851-5270441180940"
content-length: 6225
content-type: text/css

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 11 KB
11 KB 77ms
72ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "2bf8-5b61073af996a"
content-length: 11256
content-type: text/css

GET
H2 200 animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 2 KB
2 KB 81ms
27ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "6b4-526fe6d5e5280"
content-length: 1716
content-type: text/css

GET
H2 200 font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 17 KB
18 KB 88ms
20ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "4574-526fe6d5e5280"
content-length: 17780
content-type: text/css

GET
H2 200 swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
5 KB 95ms
25ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
accept-ranges: bytes
etag: "118d-526fe6e527680"
content-length: 4493
content-type: text/css

GET
H2 200 jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 334 B
478 B 95ms
22ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "14e-526fe6d5e5280"
content-length: 334
content-type: text/css

GET
H2 200 screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 110 KB
110 KB 99ms
23ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
accept-ranges: bytes
etag: "1b844-526fe6d7cd700"
content-length: 112708
content-type: text/css

GET
H2 200 custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 12 KB
12 KB 136ms
60ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
server: Apache
x-powered-by: PHP/7.2.34
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2 200 grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 49 KB
50 KB 96ms
21ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: Apache
accept-ranges: bytes
etag: "c5f2-526fe6d6d94c0"
content-length: 50674
content-type: text/css

GET
H2 200 frontend-gtag.js Show response
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 22 KB
23 KB 118ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?ver=1613037531
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: bdec2cf98067424804869b7686735623c4f6fb88ce27718d27619860481b7733

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 10 Feb 2021 22:39:15 GMT
server: Apache
accept-ranges: bytes
etag: "596d-5bb0312a4dbdb"
content-length: 22893
content-type: application/javascript

GET
H2 200 jquery.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 281 KB
281 KB 122ms
24ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "463a2-5b61073af5aea"
content-length: 287650
content-type: application/javascript

GET
H2 200 jquery-migrate.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 25 KB
25 KB 103ms
27ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "62d4-5b61073af5aea"
content-length: 25300
content-type: application/javascript

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ 33 KB
33 KB 105ms
25ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.9.5
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: a902ffc1c259dc54cb51d32618f4238568e5bcac3d32afc33e6729277f67dffb

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2020 23:05:49 GMT
server: Apache
accept-ranges: bytes
etag: "8319-5b69cea81443a"
content-length: 33561
content-type: application/javascript

GET
H2 200 medianetAdInjector.js Show response
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 741 B
895 B 108ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.11
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 10 Feb 2021 22:39:25 GMT
server: Apache
accept-ranges: bytes
etag: "2e5-5bb03133e9b7e"
content-length: 741
content-type: application/javascript

GET
H2 200 st_insights.js Show response
ws.sharethis.com/button/ 27 KB
8 KB 31ms
6ms Script
application/javascript 2600:9000:206f:c400:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2d5a9aa4eabdb58974140a8dfdacfe1ddb89ae27819ad19e8e148649936dac4a

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 15:24:27 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 153264
etag: W/"5fce7d95-6a23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
content-length: 7721
x-amz-cf-id: RvHnO3ovlSKd5N9mJt-cVYlKTGv75WSODgtxwHl5R_iUBcDu7-JEwA==
expires: Fri, 12 Feb 2021 15:24:27 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 30ms
6ms Script
text/javascript 2600:9000:206f:9e00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9e00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ddc2d8842e4e21c1cfe68e168737a5d49b858618ba76e21ba138d67d50492e48

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:49:47 GMT
content-encoding: gzip
age: 544
etag: W/"19346-02iMeBttC92qvz2cvqVIzDDmFfY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: lGuXPRtgKUqmnjqkmCAqp72XJBoU70JDGdl347k5Oiez4NTOM07cXg==

GET
H2 200 shield-antibot.js Show response
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/ 3 KB
3 KB 117ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield-antibot.js?ver=10.1.6&mtime=1611272049
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: af7abdbcee9fe7d9eed8ff21d4a2ef12c31d2c374b77c8c67b1bf7c8b752f925

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Thu, 21 Jan 2021 23:34:09 GMT
server: Apache
accept-ranges: bytes
etag: "bc9-5b97182247ead"
content-length: 3017
content-type: application/javascript

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 149 KB
51 KB 112ms
57ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c1c71425fea475e25fa7124254f2f6c063d75b331d4baa5590755d5aae4dea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 8-15
content-encoding: gzip
server: Apache
etag: "7fc2699d480d4f12b632274c0195d97e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:51 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-7
expires: Thu, 11 Feb 2021 10:03:51 GMT

GET
H2 200 logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 44 KB
44 KB 20ms
19ms Image
image/png 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 16 Dec 2015 17:30:42 GMT
server: Apache
accept-ranges: bytes
etag: "b0e9-5270743f5f480"
content-length: 45289
content-type: image/png

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 360ms
118ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Last-Modified: Wed, 13 Jan 2021 17:57:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fff346f-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394
Expires: Sat, 13 Feb 2021 09:58:52 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 54ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6BAD)
Age: 457
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28744

GET
H2 200 facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 830 B
1 KB 77ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 20:34:29 GMT
server: nginx
etag: "509a053c355d6394"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length: 830
expires: Sat, 11 Jun 2022 08:34:29 GMT

GET
H2 200 twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
1 KB 76ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:12:40 GMT
server: nginx
etag: "fbafb4fa36d9fc66"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length: 1082
expires: Sat, 05 Nov 2022 20:12:40 GMT

GET
H2 200 linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
1 KB 76ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:12:40 GMT
server: nginx
etag: "8daaaf021369fdba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length: 1184
expires: Sat, 05 Nov 2022 20:12:40 GMT

GET
H2 200 reddit.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 2 KB
2 KB 77ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

56159a7fa211c042c8da7005984653715f938917383f74292247f7b271469fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 20:18:21 GMT
server: nginx
etag: "6a02164672eeeebc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png>; rel="canonical"
content-length: 1566
expires: Sat, 11 Jun 2022 08:18:21 GMT

GET
H2 200 pinterest.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
2 KB 82ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

936c3e0cfba7a07ab55be383aeca9d39dcde7b4e9cddbfd973f78e34d3cc7078

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:12:40 GMT
server: nginx
etag: "68e3fd8215972705"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png>; rel="canonical"
content-length: 1498
expires: Sat, 05 Nov 2022 20:12:40 GMT

GET
H2 200 hacking-SIM-cards.jpg
securityaffairs.co/wordpress/wp-content/uploads/2014/12/ 64 KB
64 KB 26ms
22ms Image
image/jpeg 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2014/12/hacking-SIM-cards.jpg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5c5b2ef7e7acfc0a265dc851bef437e0d1198d4083919e0d872ddf0227f01e61

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 16 Dec 2015 10:54:18 GMT
server: Apache
accept-ranges: bytes
etag: "fe9c-52701ba52ea80"
content-length: 65180
content-type: image/jpeg

GET
H2 200 SAP-systems.gif
securityaffairs.co/wordpress/wp-content/uploads/2015/05/ 7 KB
7 KB 26ms
23ms Image
image/gif 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2015/05/SAP-systems.gif
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9e4a6ba8fbf104beec44e4d5573badfb08bf436aea0b6a6fcc3e85cd84180856

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 16 Dec 2015 12:32:50 GMT
server: Apache
accept-ranges: bytes
etag: "1a88-527031ab4e080"
content-length: 6792
content-type: image/gif

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5aeba9338d336232141579f89376941d6a458bbd830be1872160c2a4cb8bd99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KaBwgNRqFxeCT27HKEhWNQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 11 Feb 2021 10:01:01 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: nVBRIrLIA4TKDly75g5PMrhB9jhTuFeuNFcgG8pLNY7BUka8J6AZ5VuD5Hl8OxYSqxHePVKCugY9ZAEHKagWXQ==
x-fb-trip-id: 686109401
x-fb-content-md5: af9215dadd6b552ff8a7f7a1bdfc0be5
date: Thu, 11 Feb 2021 09:58:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ff1e892fea8b8bd08bf16c8733734986"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 google-chrome-bounty-program.jpg
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2016/03/ 3 KB
4 KB 83ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2016/03/google-chrome-bounty-program.jpg?resize=300%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b3450970145d515f86434588b11b40e6139dd372bdf54cfea06bf03c30c50f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 00:31:02 GMT
server: nginx
etag: "b19f289b0e3e2d9a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2016/03/google-chrome-bounty-program.jpg>; rel="canonical"
content-length: 3468
expires: Sun, 05 Feb 2023 12:31:02 GMT

GET
H2 200 ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 122 KB
122 KB 22ms
21ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Fri, 25 Dec 2020 23:58:53 GMT
server: Apache
accept-ranges: bytes
etag: "1e76e-5b752b4e76df8"
content-length: 124782
content-type: text/css

GET
H2 200 photon.js Show response
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 2 KB
2 KB 22ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 10 Feb 2021 22:39:21 GMT
server: Apache
accept-ranges: bytes
etag: "6e0-5bb031302da84"
content-length: 1760
content-type: application/javascript

GET
H2 200 jquery.adrotate.clicktracker.js Show response
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 365 B
519 B 25ms
24ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 10 Feb 2021 22:39:09 GMT
server: Apache
accept-ranges: bytes
etag: "16d-5bb0312473af2"
content-length: 365
content-type: application/javascript

GET
H2 200 ssba.js Show response
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
2 KB 19ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Fri, 25 Dec 2020 23:58:53 GMT
server: Apache
accept-ranges: bytes
etag: "792-5b752b4e7bc18"
content-length: 1938
content-type: application/javascript

GET
H2 200 hint.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 987 B
1 KB 20ms
19ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "3db-526fe6e433440"
content-length: 987
content-type: application/javascript

GET
H2 200 jquery.tipsy.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
4 KB 18ms
17ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "1113-526fe6e433440"
content-length: 4371
content-type: application/javascript

GET
H2 200 jquery.easing.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 29ms
29ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "1fa1-526fe6e433440"
content-length: 8097
content-type: application/javascript

GET
H2 200 browser.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 19ms
19ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
accept-ranges: bytes
etag: "a36-526fe6e33f200"
content-length: 2614
content-type: application/javascript

GET
H2 200 jquery.flexslider-min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 21 KB
21 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
server: Apache
accept-ranges: bytes
etag: "53ae-5270441274b80"
content-length: 21422
content-type: application/javascript

GET
H2 200 waypoints.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 19ms
19ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
accept-ranges: bytes
etag: "1f6c-526fe6e527680"
content-length: 8044
content-type: application/javascript

GET
H2 200 mediaelement-and-player.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
70 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
server: Apache
accept-ranges: bytes
etag: "11571-5270441645480"
content-length: 71025
content-type: application/javascript

GET
H2 200 jquery.swipebox.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 11 KB
11 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "2a67-526fe6e433440"
content-length: 10855
content-type: application/javascript

GET
H2 200 jquery.circliful.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "c18-526fe6e433440"
content-length: 3096
content-type: application/javascript

GET
H2 200 jquery.smarticker.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 13 KB
13 KB 21ms
19ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "3225-526fe6e433440"
content-length: 12837
content-type: application/javascript

GET
H2 200 custom.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 12 KB
13 KB 21ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
accept-ranges: bytes
etag: "31d4-526fe6e33f200"
content-length: 12756
content-type: application/javascript

GET
H2 200 wp-embed.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 3 KB
3 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:51 GMT
last-modified: Thu, 21 Feb 2019 22:56:38 GMT
server: Apache
accept-ranges: bytes
etag: "c8e-5826f6315ef61"
content-length: 3214
content-type: application/javascript

GET
H2 200 e-202106.js Show response
stats.wp.com/ 9 KB
3 KB 79ms
25ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202106.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 11 Feb 2021 09:58:52 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 30 Jan 2022 21:24:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2025
date: Thu, 11 Feb 2021 09:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 11 Feb 2021 11:25:07 GMT

GET
H2 200 twemoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 27 KB
28 KB 24ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "6d6a-5b61073b100ca"
content-length: 28010
content-type: application/javascript

GET
H2 200 wp-emoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 9 KB
9 KB 22ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=688ce3e49e5ecefa1cd650833f2ac646
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Tue, 31 Mar 2020 22:49:14 GMT
server: Apache
accept-ranges: bytes
etag: "231d-5a22e608152f1"
content-length: 8989
content-type: application/javascript

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 5b71b64b04b9a500117b1015.js Show response
buttons-config.sharethis.com/js/ 30 B
372 B 79ms
33ms Script
text/javascript 2600:9000:2111:d800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2111:d800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
via: 1.1 0fe4e9874d2e0d61c17aa980fd6da8ee.cloudfront.net (CloudFront)
last-modified: Mon, 13 Aug 2018 16:48:12 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: EHCwf5jIyLDiCi4biMmhA2a5tS6LTCqg-6Cc4-Cio1CagxFCx1ciDg==

GET
H2 200 analytics.js Show response
google-analytics.com/ 46 KB
19 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6651
date: Thu, 11 Feb 2021 08:08:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 11 Feb 2021 10:08:01 GMT

GET
H2 200 fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 20ms
20ms Font
application/font-woff 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
server: Apache
accept-ranges: bytes
etag: "ad90-526fe6dc92240"
content-length: 44432
content-type: application/font-woff

GET
H/1.1 200
OK videoAds.js Show response
adservetx.media.net/ 6 KB
3 KB 79ms
24ms Script
text/javascript 104.90.192.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adservetx.media.net/videoAds.js?cid=8CU5BD6EW&crid=126440378&dn=securityaffairs.co&https=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.189 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-189.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ffe68cc7b6c2510995059071ae4d2c1398450c378d5f548c4722e8f9c72393de

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 2707
Expires: Thu, 11 Feb 2021 10:03:52 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 107 KB
33 KB 122ms
56ms Script
text/javascript 2.16.107.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.72 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-72.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 1adbe11da9e3a5cd92bffafdbb8d3812eabe4f5083b8b1958f8706db111280fe

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 33829
Expires: Thu, 11 Feb 2021 10:28:52 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 79 KB
24 KB 700ms
700ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=829833831&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=6&vi=1613037531950196446&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

73922fda8c07718deb0529697cf132e8778796f47c23a578c01c71d0046f6269

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 21-qrps, 21-50pk
content-length: 24438
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 69ms
66ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=829833831&vi=1613037531950196446&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886781032&r=1613037532327&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532316031140534834256&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 6FA1 0
0 23ms
6ms Document
text/html 2600:9000:2156:2800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Thu, 11 Feb 2021 09:43:54 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: emm0Gk51qzObCl5PvfQJs05iI7epJmqFxUCWw6uhnI3sfrywf4S3MA==
age: 898

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 78 KB
24 KB 623ms
622ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=6&vi=1613037531926387577&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f441cad51e7ddd328a4d0500a9c3f05f23acb049977aa537bf08afe3d37022b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 21-cbbg, 21-qrps
content-length: 24446
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 32ms
31ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1613037531926387577&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886781032&r=1613037532400&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532397031140534837871&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 79 KB
24 KB 743ms
741ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=3&vi=1613037531581511881&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cb175e0ebd0ac427296d63e4be3a4dc135d1bba28f5229ed7a0183c3f14e31ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 12-3, 12-23
content-length: 24367
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 39ms
37ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1613037531581511881&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886781032&r=1613037532405&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532397031140534837871&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ 148 KB
50 KB 66ms
64ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8abd05a2b0e544fd4d9b72bb602b2a0a06855fe9da7717d031ba10536e8494d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-mnt-h: 10-8
content-encoding: gzip
server: Apache
etag: "d466f3b8342a1dcc14db3ac2cf700faa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:52 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-8
expires: Thu, 11 Feb 2021 10:03:52 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 105ms
27ms XHR
text/plain 18.195.238.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1613037532193.47265&hostname=securityaffairs.co&location=%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=220&consent_duration=220&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&title=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewallsSecurity%20Affairs&sop=false&description=Security%20vendor%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%2C%20including%20a%20Remote%20Code%20Execution%20flaw.%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%20that%20were%20reported%20by%20Positive%20Technologies%20expert%20Andrey%20Medov.%C2%A0%20The%20first%20vulnerability%2C%20tracked%20as%20CVE-2020-29015%2C%20is%20a%20blind%20SQL%20injection%20that%20resides%20in%20the%20FortiWeb%20user%20interface.%20%5B%E2%80%A6%5D
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.238.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-238-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7eef5b623cbc00459c0f87847b8616e7&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

750edb76bcb3f472a6fef8902f269f1253f08ea33fba3b018e304bbd249c744e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zYwxCRpkiN/NNFb8CNsAJQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Feb 2022 08:51:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60946
x-fb-rlafr: 0
x-fb-debug: v+n0KGfA6SBrMsW13XOK8kHyCUI+HTm/oJWd1gLvwagyQWtU2SQYVi0J/GSZ7S5Ogwlwjza2o4sKwMZffwu8SA==
x-fb-trip-id: 686109401
x-fb-content-md5: 1bdf1a5efe20b3e35938af959cb9ce96
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Feb 2021 09:58:52 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "45e76943d21be0a8bdc73a4c8cd3a076"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
388 B 71ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=754568772&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&ul=en-us&de=UTF-8&dt=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewallsSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=312232400&gjid=2061025929&cid=1518688872.1613037532&tid=UA-59069958-1&_gid=1412814851.1613037532&_r=1&did=dNDMyYj&gtm=2ou230&z=582684675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 65ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=754568772&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&ul=en-us&de=UTF-8&dt=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewallsSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=2058637684&gjid=1792870085&cid=1518688872.1613037532&tid=UA-59069958-1&_gid=1412814851.1613037532&_r=1&_slc=1&z=82223712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
329 B 88ms
27ms Image
image/gif 2.21.242.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=videoerror&cid=8CU5BD6EW&crid=null&dn=securityaffairs.co&REASON=33&ACTION=0&visitorId=DefVid&dc=0&adtagId=126440378&bidder_id=99999&biddertagid=99999&bsr=Chrome_83&dt=desktop&os=MAC&id=00001613037532470033940766758277&purl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.242.187 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-242-187.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:52 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 11 Feb 2021 09:58:52 GMT

GET headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame F67A 0
0

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame DE7B 11 KB
11 KB 148ms
147ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0cd97c6eff332562c46969eac67a630f4bf7830bddcff2c454075300dac0ebef

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:52 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 13 Feb 2021 09:58:52 GMT

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame EB9A 11 KB
12 KB 294ms
149ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c7e2921a37f5c22854cdc05fd93d7bd41779545ab46ea041c4d74c641a1104dd

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:52 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 13 Feb 2021 09:58:52 GMT

GET
H/1.1 200
OK bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame D98E 0
0 28ms
28ms Document
text/html 2.16.107.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.72 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-72.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash

Request headers

Host: pxlclnmdecom-a.akamaihd.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Thu, 11 Feb 2021 10:28:52 GMT
Date: Thu, 11 Feb 2021 09:58:52 GMT
Content-Length: 3752
Connection: keep-alive

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
329 B 372ms
122ms Other
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 cenw.js Show response
dt.clnmde.com/ 36 B
360 B 359ms
118ms XHR
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: 641bed26db8b2720e5abb70db266f010f22e1f569a022b50e9c5dba8486f1091

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-lUiTMtQfaqkL5qIM98T9Lw"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 ptmdDual
dt6.clnmde.com/ 70 B
331 B 272ms
87ms Image
image/gif 2600:1f18:42df:3a01:6221:c1c3:43e5:87c9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22161303753250433347085925%22%2C%22za%22%3A1%2C%22gcd%22%3A1613037532522%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:42df:3a01:6221:c1c3:43e5:87c9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 344ms
123ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgxmAWDWIFwG0QA4CMA2A7M5BmTqIANChtngcSgEwCceuehAuiQA4CWAJgC7xIAGKkJJDWIAE4BTAGYBVCQBs+iEFXXiAzhLALl-EJB482mgKS4AgmeoAxG7c1SwAVwkceATwCGMmd44JTQA6MAB7BwB3MIkuNmlNcztUVAAWalxcB0hvMGgOADsAcwcZGJ5CqR4AWjKJCsipACNaxW9IkKMAW0UqIxNzKwcHJ1d3L19-QJDwqJi4hKTbFPTM7Nz84tLyypq6hubW9s6eHr7jUwtrOxHnNw8fPwCg0Ii7aNj4qUSHFYysuw5PKFEp2fa7Wo7RotGRtDrBbq9cQAN00AH1uCoEAUXIpFEQcXiCbjFOJIKiMbwDAIaQIMKhcAJ8ABWXAZWiYJkrASs1IUZCUUS0+mMlls3AcrlpHm4Pn4AWEIU0kVMzCsjIYKWpGVy9LM9AgcSuTQ8SlYlAAYTkzIAQgARdAAUQA6lRkFbbQ6XW6Pfana6jRJkQZgAAdUhYHD4VDhuBhkBeNhSWPhsASSnhojh5EcDPwcMqsWoWjUdCMNWYTCZ8Pk9HcFMgWl09AM1XqiWc3Dc3n8gjhgC+-ao8bQkYoMfg8cTyfz4HT9eI2dzC7gBZborVXeZaGZKRwE6zhgpK-DTcLm-Zne7st7E8HhpIJu8PBcmn4qSImU-H9wzM-6E-TBP2QT9aCIH9cG-T8-1wAD8GA0DwM-SDZWg-9AOA8QAC9vHgVB2CKeAQGDEgpAKYM4BANgqCKSAiPPdVmQEVJMllTlkGZEtmSoHg30otI6GQARMFSdBqGZbcqFRIj0GCARgkYRUQG8Xo4EgkAZDAeBqnwkAqg4PD1zbNlHx4Qi4AER9YH4oyxWoNEUloWg9xpRgDVIjhqP4jjglQfVfLVXzhKoKQXFwuBdJcAyLNI5FVIQUACm8LopCIppuC4KR5y4KguGfcLQHSrhMuy+BCXxYjlxymzWyLEsywFZlKxAQciES5LUsooqSspXL8snEBuqy3q4HKkgcxGkAGK3Hc9zQFr+y0RQTXo2yLyYkQQEUGQ8PGqrVtqzdiyY4t0FSUSqGNU1uCI91rT9b0SCKLSIrWxiJRIABHTrdJkaLqH7IA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 76 KB
24 KB 584ms
583ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=733976884&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=3&vi=1613037532979678795&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8c3e00f9b85f7f5dbce1b987dfe8310b6db6541e98e62e677880939c4771552f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 12-2, 12-14
content-length: 23861
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 310ms
123ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgxgTgbiBcDaJgB0QA4CMA2A7GtAzDhqrCiAC4CeADgKamqQD6AlgCaoA0qUrbnOKmwYCABiIBWAhgCcAJiwE0OSThzdUACygBnAYxBjjYkeKkF5BWTgkYMAFjHSHhPMVQBfTyC5JUmLj4RCRw5NT0hiwcmiB8BkIgZhKqMpKYkvb4oTwgOvoxiSamWKIp0lY2do7OBK5EKqHevv7o8rKEyjKk4bQMidGCufGFsMKl5qlykqayWA4OWLH5CWNGJskWVtjVTi6EDvKSSyDNALp+YGBaANZwiDgE1jhY+A4gFyA0HBT3Rh9+CB0ABmAFUIAAbX4IEAAkC6CBgcFQv5aCgUGi6ACkBAAglj5AAxAmE3R0MAAVwgrGoAENgcDaawILoAHRgAD2JIA7hyIOwaEDdNiifZDk8SVpaWAbqwAHYAcxJwL5FHldAoAFoVRA1dy6AAjbUQ2nctlogC2ELhegE0PgcopEIhnxWPz+xU2qSOaFku1q9Xk9lkcMpugodr+aAAwqDJAAhAAiWAAogB1OHh2kUCm6e7WLgOLhPYtFgiSYtYYs4YtoT4AL1pcAwfhoCrgcRadDlMFgXxaCq0Ha9FRmDiedVsaEkCkkLQoeb7jnaaDEOEWR3SLT0HawrLErOUGBatOtsAIfmBYDgmpbIA1rGbE3Klj84fbsDEb7uS+fW2YwayFkxjKFgXasDQw7TqyGDHDBqgwWuXYUk2sB3hSj6fn4dBQGe8CgHKtIWnQHYGhw7B0BAAgtOw2aoaAZHsBRVEcHAjrOn4IzsMOf5TAoSgqGoOCnJ4XAEURJF9oxzHUX4tEUPRIDSZR1GwOxEKcfwrG-mUFiwRkWSYCJYkgIRxGkeRKmsXJdFhEplksdxalOhpcRaU5SS8dI0yzPMiwiZ8ugQuGPG6d6MxiC0ELAs2mmqZ5YUVDYczuLIc6XLmEbaegsYJsm6YDteaFeZYM7yH4ACOkl3sCmEEJ4QA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 34ms
34ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=733976884&vi=1613037532979678795&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886781036&r=1613037532595&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532589031140534832119&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 8ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 11 Feb 2021 09:58:52 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Thu, 11 Feb 2021 10:03:52 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 25ms
25ms Image
text/plain 18.195.238.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1613037532193.47265&hostname=securityaffairs.co&location=%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=220&consent_duration=220&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&title=Fortinet%20addresses%204%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewallsSecurity%20Affairs&sop=false&description=Security%20vendor%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%2C%20including%20a%20Remote%20Code%20Execution%20flaw.%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%20that%20were%20reported%20by%20Positive%20Technologies%20expert%20Andrey%20Medov.%C2%A0%20The%20first%20vulnerability%2C%20tracked%20as%20CVE-2020-29015%2C%20is%20a%20blind%20SQL%20injection%20that%20resides%20in%20the%20FortiWeb%20user%20interface.%20%5B%E2%80%A6%5D&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&gdpr_method=cookie&description=Security%20vendor%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%2C%20including%20a%20Remote%20Code%20Execution%20flaw.%20Fortinet%20has%20addressed%20four%20vulnerabilities%20in%20FortiWeb%20web%20application%20firewalls%20that%20were%20reported%20by%20Positive%20Technologies%20expert%20Andrey%20Medov.%C2%A0%20The%20first%20vulnerability%2C%20tracked%20as%20CVE-2020-29015%2C%20is%20a%20blind%20SQL%20injection%20that%20resides%20in%20the%20FortiWeb%20user%20interface.%20%5B%E2%80%A6%5D&img_pview=true
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.238.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-238-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 78 KB
24 KB 867ms
866ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=3&vi=1613037531412607332&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cef6147d9ceb91409c0a2515d4fd1715132e44849ecf448d8b9bdefc72359c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 12-26, 12-19
content-length: 24372
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 342ms
224ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgxgTgbiBcDaJgB0QA4CMA2A7GtAzDhqrCiAC4CeADgKamqQD6AlgCaoA0qUrbnOKmwYCABiIBWAhgCcAJiwE0OSThzdUACygBnAYxBjjYkeKkF5BWTgkYMAFjHSHhPMVQBfTyC5JUmLj4RCRw5NT0hiwcmiB8BkIgZhKqMpKYkvb4oTwgOvoxiSamWKIp0lY2do7OBK5EKqHevv7o8rKEyjKk4bQMidGCufGFsMKl5qlykqayWA4OWLH5CWNGJskWVtjVTi6EDvKSSyDNfuQ4BNY4WPgOPagR-WuDsSOCa5up7Thz7rKSZZ6VaoYpfCrpWS7Wr1eT2WReHwAXT8ADsAIZweCHWQOP6KBxcUROFQSWRcaTGND1MQokAY3Rwdp+VjogC2WNpLPRjNgaD8AA8AGZwIxYIUYMDtdgAI3kUtUaHkdBlBBlaDEDglRyU8lsLWFFFFhDoWDoslkMqFThlOEWViFYAImQIQvYYjAkih8nYLTAYC0AGssUlqZY0g4QHSaBwjQgjFG-BA6EKAKoQAA2ccQiZAuggYHTWZDWgoFBougApAQAIKV+QAMXrDd0dDAAFcIKxqOihUL0awILoAHRgAD2zYA7mOIOwaMndFXG-ZDldm1p0WBA6xUQBzZtCmcUHd0CgAWkPEGPk5VF4z6MnI9LbIzueBsaxqPbGYzdJWH-jMEJnKSwsC9aF9jqOZ5FzDtdAoARs3QABhVNJAAIQAESwABRAB1XN4PRCh215eBrC4ZlxC4Qkri4Op6MkeisHonB6LQOkAC9MVgDA-BoXdRRgPw6FRGBYBAGgWl3LRRXBSwZgcK46lsNAvSOFoKF5JIcQ1O0sCOdIWj0UUsGHMRh2UDAWnRV9YAIPxHTgM8+JAU9WDgeT5D8eDBNgMQfODCSvOYeFZCyYxlCwFo6FYKTgrU4cMGOJLVCSsQcBi9seNc9sPP8kSoDs+BQAxNk6FFGUOHYOgIAEFp2GInjQCq9garqjg4C-H8-HeOTgIsORFGUVR1FOTwuFK9kKok1r2vqvxGooZqQDm2r6tgbqM16-hOuCgapnSZKskwcbJvpabKuq9bOsWpqwlW66Ot9Tbv22uJdpepIDukaZZnmRYzqm8qrram7fTu5aHrW56urenaNu+sothsP4VABca6V0DN4P65HvhmMQWgzEVeIRvakcmX6HAwRQMquGC-DghCKbQVCMOw-DpLATyftArAApAABHGbXKFfKHE8IA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 39ms
39ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&vi=1613037531412607332&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886781036&r=1613037532665&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532659031140534834962&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 80 KB
24 KB 737ms
736ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=647633027&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&nse=3&vi=1613037531463495295&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3646c751a7ad079832182fa32c57a860e37b28741f885bbc8b8defaa60f95b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-16
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Thu, 11 Feb 2021 09:58:53 GMT
x-mnt-w: 12-14, 12-26
content-length: 24519
expires: Thu, 11 Feb 2021 10:03:53 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 235ms
124ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgxgTgbiBcDaJgB0QA4CMA2A7GtAzDhqrCiAC4CeADgKamqQD6AlgCaoA0qUrbnOKmwYCABiIBWAhgCcAJiwE0OSThzdUACygBnAYxBjjYkeKkF5BWTgkYMAFjHSHhPMVQBfTyC5JUmLj4RCRw5NT0hiwcmiB8BkIgZhKqMpKYkvb4oTwgOvoxiSamWKIp0lY2do7OBK5EKqHevv7o8rKEyjKk4bQMidGCufGFsMKl5qlykqayWA4OWLH5CWNGJskWVtjVTi6EDvKSSyDNfuQ4BNY4WPgOPagR-WuDsSOCa5up7Thz7rKSZZ6VaoYpfCrpWS7Wr1eT2WReHznYRoByWNL3MKPPpRCAJYb8UbjMoWRwYRRiS6WIEFD6gjYTcqWLCSKEyGr7OpzeSIkAAXT8YDAWgA1nBEPMblcxPIcPy-DQOBRxUZ5SAIHQAGYAVQgABtlQgQGrdBAwLqDSqtBQKDRdABSAgAQXt8gAYq63bo6GAAK4QVjUACGms1QdYEF0ADowAB7T0Ad1jEHYNA1ugd7vshyunq0QbAItYADsAOaezXJiglugUAC0lYg1YTdAARg29UGE9HrQBbPVq4FK8XF316vUCvJD9iGxBgxlbLC4aGcyyOE0UIMUX26cXWLgOLhXI+HgiSI9YI84ScALyDcAwCtLcDiLToxZgsBANBapa0L-BSwZjRK4HFsNBWSOFoKF3L9HHaNBKUWI50haPQXywKMxCjZQMBaIMB1gAg-E1MA4DrR8QFrVgHwXb4-F0Chn1gMQGLFOC6IqZh4VkLJjGULA31YH84IgqMMGOcTVHEyk319e9YEo30aJYvw6CgQj4FAYsg17OgX1bDh2DoPEOBadgtwU0BDPYYzTPYOBR3HPx3gAziZAUJQVDUOVvC4bTdP0r8bLsgRzMssIQBCkywtgJy9RcwkHI4kkpnSCSskwU5PH8kAdL0gyjJisy-AszdIui+zHLHBK4iStzUukaZZnmRZsty-KgqioqqtKiKyG62ziuS+LEtipJ3J+P4VABdqAoK4KerCvryoGyrYtGurxsAskKSpeRssnXQ9UYhrJghYwWj1TUHzGsyUvOmRFi5SR2kkFo-UY8a0AAYW1SQACEABEsAAUQAdV-MjFMmpc0D8ABHILKM1FSxE8IA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:52 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 35ms
34ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&vi=1613037531463495295&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886781036&r=1613037532671&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001613037532667031140534833214&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:52 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 11 Feb 2021 09:58:52 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 6 KB
6 KB 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:12:40 GMT
server: nginx
etag: "156244085faab7d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 6414
expires: Sat, 05 Nov 2022 20:12:40 GMT

GET
H2 200 securityaffairs-best-european-blog2.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/ 10 KB
10 KB 30ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png?resize=300%2C217&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
x-bytes-saved: 103276
content-length: 10314
x-nc: HIT hhn 2
last-modified: Tue, 02 Jun 2020 21:29:55 GMT
server: nginx
etag: "c8c3d7b06b174426"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png>; rel="canonical"
expires: Fri, 03 Jun 2022 09:29:55 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 7 KB
7 KB 27ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:12:40 GMT
server: nginx
etag: "312ff21e46f29f3d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7482
expires: Sat, 05 Nov 2022 20:12:40 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 6 KB
6 KB 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Dec 2020 07:29:12 GMT
server: nginx
etag: "a6fb49f7a00a0498"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 6336
expires: Thu, 15 Dec 2022 19:29:12 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 24ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.4&blog=29506073&post=114233&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=2604&rand=0.23316565319842453
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:52 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 31-20e3.svg
s.w.org/images/core/emoji/13.0.1/svg/ 409 B
608 B 78ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/31-20e3.svg

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

eb87966d6bb5e4869b7605181665130326730e86a82aef4591371fe6dc57f42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 11 Feb 2021 09:58:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 409
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32-20e3.svg
s.w.org/images/core/emoji/13.0.1/svg/ 618 B
417 B 78ms
26ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/32-20e3.svg

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4fcefc30ccef0288ff52fdb3b45219eeac803bb2d9b3d245a11abd1051d86777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 11 Feb 2021 09:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html
platform.twitter.com/widgets/ Frame 2C7C 0
0 14ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fsecurityaffairs.co
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8D) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 132757
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Feb 2021 09:58:52 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H/1.1 200
OK horizon_tweet.be260e48a0a0ee06243f28e5da465605.js Show response
platform.twitter.com/js/ 6 KB
3 KB 13ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.be260e48a0a0ee06243f28e5da465605.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7C) /
Resource Hash: 0c08aaa6da093ce3f0f318ad26392a72527e085b7fabb2aa501570abb1ad1a34

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:23 GMT
Server: ECS (amb/6B7C)
Age: 132758
Etag: "eb6a388d95b272d83e70b0aa5cc3c881+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2202

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 6ABE 37 KB
38 KB 121ms
100ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029b3c29c4111c7177d55f5196deb35b99ffd868d2f95b653f97a1418791d10e

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Feb 2021 17:03:25 GMT
server: cloudflare
etag: "602411dd-955d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zgOFSQQHdt3Flc3rj%2FttwdY%2F347r4QSI7xcKMZvnLj0oGbltmIYTdfJAKy5%2F%2BxdzFfRANJdYckoDYs9zR6VUI5e4K2MS0hBrRYV1MWbyJVoOneoH9bMfo%2F458gCu%2Fg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c539db4a74-FRA
content-length: 38237
cf-request-id: 0832208f4500004a74991e1000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame C1E3 37 KB
38 KB 100ms
100ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029b3c29c4111c7177d55f5196deb35b99ffd868d2f95b653f97a1418791d10e

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Feb 2021 17:03:25 GMT
server: cloudflare
etag: "602411dd-955d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KCImgLAnpB6shuNh6cxWbXUSU5fGTtny3Q%2Fe3p1WNHepBljTKZ1ml%2B3CgM843sHAxtWmLRkoBKELUI0L0qXitcDT0wfUF9oYW9tD20WP7LFd1BAONeGLK4HjC%2FGQBw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c58a4e4a74-FRA
content-length: 38237
cf-request-id: 0832208f7300004a748b150000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 123ms
123ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgxgrgzgLg+gSwCYxALgNogBwGECqArAEIAiAbAKIDqIAugDTgBOAbulsADojkAsAdnIBmYQAYATAJ5puIGAE8ADgFMZPMM0RIeDHqwTb1IAIzkT44QMLCTfEXwCchCc908AFqyhH0PMQFiZhZiVjYS5OQCoSZ2YjZ82KISdjwAvmn0TAjsaGIAdIRMsACGMNAcwtgMwo4MJo6MIABeJegmTEoA5ugg7EwqAHa5IEogTF0evcGW1sIShGJ8osKCYtiEjgvj8lDTfK7YYgL2C4TYO9695PkFVSY7JQA26MJMAGZg6AC0HSAqMAQ7XMs3CxRgPTyxQA1tMQaE5hI4LFHI5YkdQthyDsVAgxmhTBt8iZCDcTNZicccRA2mg-hAgVD-qwXphQIMSgBbFS9ABGyCQKi0yB2SDKtNA-KQguFSHQgwgTyeTAM2jhITCti2Imw1gEAhAGQY7K5PIJUplaqYYpgEpAFqFarQCqVKsMIoJMwRNhJ2BJ6L9hrSxpAHO5fIFjpF1vF6Elkdl8sVyr67rlnvhmoaiwa-HsQZDYbN9oTVpANrtDsTzuTbqdpkziMcAkcUV1zgLJvD5tL0fLsdkJelUfTLpTqo9DY1czsJgix2SndDpojw8TMdtcaHlo9Y7rk69Wfsq2crkIQaaUCesHVoPmizEOye73a+-TU7vdgcp47TEgsHrPAiDIKhaAmL46UbGxxEcN4QAARzNP53kZMQ0iAA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:53 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H/1.1 200
OK Tweet.html
platform.twitter.com/embed/ Frame 23AC 0
0 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1357316793753362433&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=889aa01%3A1612811843556&width=500px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 759
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Feb 2021 09:58:53 GMT
Etag: "9f1f9f33477aa51a06a0ca68ea59b283"
Last-Modified: Tue, 09 Feb 2021 21:03:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B87)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame C404 88 KB
29 KB 49ms
48ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
DATA 200
OK truncated
/ Frame C404 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C404 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame C404 2 KB
2 KB 106ms
50ms Font
font/woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet1/bullet1.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1792
expires: Fri, 12 Feb 2021 09:58:53 GMT

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame BA92 88 KB
29 KB 41ms
41ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
DATA 200
OK truncated
/ Frame BA92 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BA92 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame BA92 2 KB
2 KB 169ms
124ms Font
font/woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet1/bullet1.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1792
expires: Fri, 12 Feb 2021 09:58:53 GMT

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 6ABE 87 KB
88 KB 104ms
104ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aAXj4ELWsrNmuKu7MyL%2B8x3JTgMpU42AA809rOqAgMotalK4hCQscXC1YUij7ca5gqNwF%2Fhh%2F3WxyM%2FvDs3zCCeQ0xPd2kf5k0Tyrm7OppJSHrMNhg83w8kuTlP58Q%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c6bcce4a74-FRA
content-length: 89476
cf-request-id: 083220903700004a74cdb47000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 6ABE 275 KB
84 KB 100ms
45ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=18585
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Thu, 11 Feb 2021 15:08:38 GMT

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame C1E3 87 KB
88 KB 109ms
109ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZSq328U7i40omZBOw6Lo%2Fh8Ld6bDaqBub3Lf%2Fo2sqHyBS2szuA7EEeqoXYA46w8Q7acVgeM5hW3uC2AOLJ18cM%2B%2FePQeNRK0EIQq5ZGA%2FCgXCMEa6avlgiMkJCcMFg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c6ccd64a74-FRA
content-length: 89476
cf-request-id: 083220903b00004a74819ac000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame C1E3 275 KB
84 KB 100ms
47ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=18585
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Thu, 11 Feb 2021 15:08:38 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame C404 15 B
216 B 31ms
31ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532397031140534837871&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNh5yAYvoolZIsRQRj7kXiZVaFAVC0o8DZ-nvrF88PCjsNxlWd4UA43fo8cp92keSNI&lpid=&tsid=1&q=&prv=&type=&ps=&cme=_YKDcwgjbfHfvoSkXAkieNJPVnIfK367Z0yuy-MKUQVg0_NUbArJpyyibRNCFETmg5FrLGfTIhdoVJvspn8NOiY0JZXBf7V8obpb6avhIGJO4Vpqow0Gb2-Dl18XDsJn_SCT30mzuFrjwCi5lSfchiNPIFnun0_-xOi1zqiTWgiHBjgE1lx8URgRPQjOC2NQiUBUOk71_DWhYLINRKJacA%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7Cqu_fwwVQwriCOGilqHCS57b_nGNzuUJpdh5Zg9zAJ40HckR3Kkme005mEE1N7vT5CW7McOjuwnxUHkSjPrMuOEqW4dDemCzTxexXDho-jFmIA3oaHEoGVI0XnMdV12lvG4e3vbJt44-sV6FeWcWkZ3LIVJs8Fu-qOnAfAAqQ7_hznyE5xwxPzwBJUImX3vtAMfNafStYJwbw_GcDl655K3w0zTobjIEY%7C&hint=&td=&cc=CH&wsip=170721381&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=307&kwd[]=Best%20Firewall%20Software&kwt[]=307&kbc[]=60134&kwp[]=1&kid[]=3467429&kbc2[]=0%7C%7Cactr%3D0.006%7C%7Cps%3D0.782%7C%7Crpc%3D1.44%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=2&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Cyber%20Security%20Risks&kwt[]=267&kbc[]=139812&kwp[]=3&kid[]=68172917&kbc2[]=ps%3D0.558%7C%7Crpc%3D0.15%7C%7Clvl%3D3.15&ktd[]=274894815488&kwd[]=Windows%20Server%20System&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=30903458&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Malware%20Free%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=210330434&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.62%7C%7Clvl%3D3.60&ktd[]=274894881024&rand=1613037533311&cid=8CU5BD6EW&vwid=1613037531926387577&vi=1613037531926387577&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037531114793157&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532397&upk=1613037532.12101&hvsid=00001613037532397031140534837871&verid=4121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037533317&vgd_ltime=935&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721381&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=367&vgd_y_pos=2569&vgd_ren_page_h=4798&vgd_cty=ZURICH&vgd_l1hcsd=A15%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200205&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=517_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037531926387577%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D6%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A517%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:53 GMT

POST
H2 200 log
navvy.media.net/ Frame C404 807 B
997 B 743ms
362ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:53 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame CC17 88 KB
29 KB 45ms
44ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
DATA 200
OK truncated
/ Frame CC17 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CC17 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame CC17 2 KB
2 KB 31ms
30ms Font
font/woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet1/bullet1.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1792
expires: Fri, 12 Feb 2021 09:58:53 GMT

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame ACF8 88 KB
29 KB 52ms
51ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
H2 200 tran.png
contextual.media.net/__media__/pics/800015191/ Frame ACF8 129 B
292 B 30ms
29ms Image
image/png 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800015191/tran.png

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Fri, 24 Jan 2020 09:58:01 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/png
cache-control: max-age=562746
accept-ranges: bytes
content-length: 129
expires: Wed, 17 Feb 2021 22:17:59 GMT

GET
DATA 200
OK truncated
/ Frame ACF8 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ACF8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame BA92 15 B
216 B 39ms
38ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532316031140534834256&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNh5yAYvoolZIsRQRj7kXiZVaFAVC0o8DZ-nvrF88PCjsM5jxtUwfEbyOm_DPiKopRp&lpid=&tsid=1&q=&prv=&type=&ps=&cme=_YKDcwgjbfH54029l0LWa_LOErwCHxjyK-BOfbh4IqDE5Dg0Ioa4wSaK3FjJ_53fC-FLwJGKIeZNQNCBMDWVR093Qf4mwEJ05S5zmd77MkUWkvRPUnPbvCUYrTNMyUzHRs6iErxiOsC6SW97qvoohRQloadtA2_Sh1e1xCJdDxSFKn0MZ3zrKA-GQvQFDEMOvEUJdh0mps8VVcFgTsDQBA%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7C3gmNM4uC7bvofyKWJRxPpkVkVcVhjm7BAZ1M5q8Xmso78hxt4iBm-lbxEpOiRBN62OmtGj6_zSPWmqOk4OHttQl0H6ng2icdMIRK8f5eOEcLO-rfN66NyQawvss_dwxuno65E8uOIsFGvu4z5NJIeDiWSm7oS0XZqX026TfzO4KjXRTrYnIsHuBbsWzea1oZGQO-vF7VTX5h4OZj79s_XFwku4ZUEq95z5javRLGOf0%3D%7C&hint=&td=&cc=CH&wsip=170721381&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=307&kwd[]=Best%20Firewall%20Software&kwt[]=307&kbc[]=60134&kwp[]=1&kid[]=3467429&kbc2[]=0%7C%7Cactr%3D0.006%7C%7Cps%3D0.782%7C%7Crpc%3D1.44%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=2&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Cyber%20Security%20Risks&kwt[]=267&kbc[]=139812&kwp[]=3&kid[]=68172917&kbc2[]=ps%3D0.558%7C%7Crpc%3D0.15%7C%7Clvl%3D3.15&ktd[]=274894815488&kwd[]=Best%20Password%20Manager&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=3481836&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.10%7C%7Clvl%3D1.47&ktd[]=274911658240&kwd[]=Data%20Protection%20Tips&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=321805524&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.86%7C%7Clvl%3D1.00&ktd[]=274894881024&rand=1613037533322&cid=8CU5BD6EW&vwid=1613037531950196446&vi=1613037531950196446&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037531114793157&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532316&upk=1613037532.12101&hvsid=00001613037532316031140534834256&verid=4121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037533327&vgd_ltime=1116&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721381&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-829833831%7CDIV&vgd_x_pos=320&vgd_y_pos=518&vgd_ren_page_h=5312&vgd_cty=ZURICH&vgd_l1hcsd=A15%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200205&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=630_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037531950196446%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D829833831%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D6%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A630%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:53 GMT

POST
H2 200 log
navvy.media.net/ Frame BA92 807 B
998 B 654ms
361ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:53 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6ABE
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1
https://mug.criteo.com/sid?cpp=o5bHZnxnNi8rR1VZUkdrblA4cWJSeXE1MUhIQnhRZ1NUaGYvaFNUQmZzSldCZzY1MTJIbkR6K1ZqZ1c4cmc4Z2RUZGRTVHRuTmFLZUtJZ1kxRkFwczFjYXpIMTJzdjU1Qk5tTjgzd0pLK0pXSVQ1eUczYWQxQzlqRS9lbW...

339 B
623 B

132ms
41ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o5bHZnxnNi8rR1VZUkdrblA4cWJSeXE1MUhIQnhRZ1NUaGYvaFNUQmZzSldCZzY1MTJIbkR6K1ZqZ1c4cmc4Z2RUZGRTVHRuTmFLZUtJZ1kxRkFwczFjYXpIMTJzdjU1Qk5tTjgzd0pLK0pXSVQ1eUczYWQxQzlqRS9lbWdmcnV1MCsvek9DMU5WdU9NZmtudTdKV0JzU1VqS2FwZHQzd245aEhLaHE3UG5LSWZIWHNkdlRzalpLSklXT0lHZ2hsdlZRYVN2K2N4c3BFS052VXBHSWlOSWtKaGFveldBajRBODRvVHloNmkzYTV3Z3BVPXw&cppv=2

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9269d9d5dbdd51323e6d4c5ff36ce0e173383962bbb6fc3e1ca87e144f781a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Feb 2021 09:58:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2443
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 11 Feb 2021 09:58:52 GMT
location: https://mug.criteo.com/sid?cpp=o5bHZnxnNi8rR1VZUkdrblA4cWJSeXE1MUhIQnhRZ1NUaGYvaFNUQmZzSldCZzY1MTJIbkR6K1ZqZ1c4cmc4Z2RUZGRTVHRuTmFLZUtJZ1kxRkFwczFjYXpIMTJzdjU1Qk5tTjgzd0pLK0pXSVQ1eUczYWQxQzlqRS9lbWdmcnV1MCsvek9DMU5WdU9NZmtudTdKV0JzU1VqS2FwZHQzd245aEhLaHE3UG5LSWZIWHNkdlRzalpLSklXT0lHZ2hsdlZRYVN2K2N4c3BFS052VXBHSWlOSWtKaGFveldBajRBODRvVHloNmkzYTV3Z3BVPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2485
content-length: 482
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6ABE 56 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3cc6af6f13fdac2b76ddb393d32a0e2dcbb082e2b98231b30348c13d9b9649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "780 / 789 of 1000 / last-modified: 1612998653"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19122
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame 6ABE 331 KB
332 KB 98ms
98ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n4Ph8dJr%2BD4Qxp0IoUo%2BQLlz%2FWXj1f99sfsic0%2FNw%2FAuMfgAvJeWemvuunRTOV%2BdHRKub3Mne6hsTVTW2F%2BHTVy%2FRHSwaaPOOD0EvqOyVTwPnOdaW20nP7eAoFJAkA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c8e9914a74-FRA
content-length: 338715
cf-request-id: 083220919200004a7459832000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C1E3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1
https://mug.criteo.com/sid?cpp=sqlUg3xGalNmSm9ac3pERWM0ckRnaE5BK3NYeFBtajljOHkvUTAyeEQ4VlZXYzVxSXptSzF1V2U5SHg0bGtFUi9hM2Z2U2d2Ykxsck5zeEtGWWptOG1kZUtIK1JIOEM2VFVGbjBhSGVzRk90M3ljYXR5K3lobXFYTzRtNG...

337 B
623 B

132ms
40ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sqlUg3xGalNmSm9ac3pERWM0ckRnaE5BK3NYeFBtajljOHkvUTAyeEQ4VlZXYzVxSXptSzF1V2U5SHg0bGtFUi9hM2Z2U2d2Ykxsck5zeEtGWWptOG1kZUtIK1JIOEM2VFVGbjBhSGVzRk90M3ljYXR5K3lobXFYTzRtNGxKKzAzOVJweHRXeGFPZk1tK2o4U21hbXVOWUlFODJ4aURyT3dzd3hYOURZRldpQlhTUnJNM3R1OG9qejFFOG5oRzkvTUZMQWtoVmQ0RVJlYlp6YWNMay9RQzVucE92Z3Y5bWdURHRqdGdkdDRONjhqeldZPXw&cppv=2

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b5c1bcc51a0fc369671760c1e59126004d7f75b1582cdf94e346c833cbbe26d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Feb 2021 09:58:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2302
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 11 Feb 2021 09:58:53 GMT
location: https://mug.criteo.com/sid?cpp=sqlUg3xGalNmSm9ac3pERWM0ckRnaE5BK3NYeFBtajljOHkvUTAyeEQ4VlZXYzVxSXptSzF1V2U5SHg0bGtFUi9hM2Z2U2d2Ykxsck5zeEtGWWptOG1kZUtIK1JIOEM2VFVGbjBhSGVzRk90M3ljYXR5K3lobXFYTzRtNGxKKzAzOVJweHRXeGFPZk1tK2o4U21hbXVOWUlFODJ4aURyT3dzd3hYOURZRldpQlhTUnJNM3R1OG9qejFFOG5oRzkvTUZMQWtoVmQ0RVJlYlp6YWNMay9RQzVucE92Z3Y5bWdURHRqdGdkdDRONjhqeldZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1907
content-length: 482
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C1E3 56 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3cc6af6f13fdac2b76ddb393d32a0e2dcbb082e2b98231b30348c13d9b9649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "780 / 234 of 1000 / last-modified: 1612998653"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19122
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame C1E3 331 KB
331 KB 102ms
102ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6IevOyAHPnd%2FDpJOu5XrZNEF4sStI4qgfbIeJBWLlojY0AorqEO5B3KywKmSatTF0I5yWdSxuN15exKGU2p5Aj2Q8so0EAgr65qySvsj9RW%2Bl4jfHirpr7cQ51kqxQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61fd36c8f9bc4a74-FRA
content-length: 338715
cf-request-id: 083220919c00004a7469b1c000000001
expires: Sat, 13 Feb 2021 09:58:53 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame CC17 15 B
216 B 33ms
32ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532397031140534837871&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNh5yAYvoolZIsRQRj7kXiZVaFAVC0o8DZ-nvrF88PCjsNxlWd4UA43fo8cp92keSNI&lpid=&tsid=1&q=&prv=&type=&ps=&cme=sBZKZdGPSbMXSLJwGvd4mWGlrc321E4wlseIFMjanr7FXFFl1NZ7hk32sLoSNcb8h0SZShpyNMqInIBWt7BvAv5ynGMpESv4CyF8XT4pj2OU7EhlMtQtXP3HTMxFo_qfXuMcK9Sik0bWp2uS3R8MntZ3ND8q4qI_YWrWDD3iSwfk1DAZktsVxKHIizx3MtW1mmYkWwURmY1ZxRO0OAY5nQ%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7CQtZ2xRQGHbJhzOG-GpJ2vnNEWZbe0dwTvDRbeFBf2W-d4vBy3TEMF0meVBoa5vK--PslZOIMlMiN_2Zo7gxgooEDXRonRCx9_IZoQWXiKzXL72LcmK5ESIPrjr13yO13FbamOTMycvwmD21uKfAZvEBFYOt9G3az2VZlbuhTg5nWlQ4VlYvHmRlHHkaYJqpDQbJ7Jn59SLNlTgae1CkSDQLXppjs-YaxLvNOzt6otps%3D%7C&hint=&td=&cc=CH&wsip=2886935737&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NufozNuN&&rc=0&ksu=207&fdkt=307&kwd[]=Best%20Firewall%20Software&kwt[]=307&kbc[]=60134&kwp[]=1&kid[]=3467429&kbc2[]=0%7C%7Cactr%3D0.006%7C%7Cps%3D0.782%7C%7Crpc%3D1.44%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=2&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Best%20Antivirus%20Software%202021&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=330153116&kbc2[]=ps%3D0.576%7C%7Crpc%3D1.37%7C%7Clvl%3D1.17&ktd[]=274894881024&kwd[]=Free%20Malware%20Removing%20Tools&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=329768009&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.26%7C%7Clvl%3D1.17&ktd[]=274894881024&kwd[]=Free%20Software%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=11660601&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.13%7C%7Clvl%3D3.25&ktd[]=274911658240&rand=1613037533605&cid=8CU5BD6EW&vwid=1613037531581511881&vi=1613037531581511881&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037531114793157&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532402&upk=1613037532.12101&hvsid=00001613037532397031140534837871&verid=4121199&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037533609&vgd_ltime=1209&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886934385&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=367&vgd_y_pos=2826&vgd_ren_page_h=5312&vgd_cty=ZURICH&vgd_l1hcsd=A15%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200205&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=524_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037531581511881%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D3%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A524%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:53 GMT

POST
H2 200 log
navvy.media.net/ Frame CC17 807 B
997 B 467ms
366ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:53 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame ACF8 15 B
216 B 37ms
36ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532589031140534832119&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNh5yAYvoolZIsRQRj7kXiZVaFAVC0o8DZ-nvrF88PCjsOU3HlKrM5GGmthJhA4yFZ6&lpid=&tsid=1&q=&prv=&type=&ps=&cme=411s8Qs0n4YW-B59-KFRPymaD3bNxOWr6VDEW3ofQohIZfPZ3qbIZlr9SSa2TM4aTDA1iMyZCC7RrXnSysD27xCAWo8A1_Z212DtO0XI4rIJpfRHmx5TJAlz9HipiMXMO3Q8eKKdvAOzmltz0HxS7JjzbWTfRZYL4INlIp_DskyD60iF-nCeTNay1T_2IZLALeGP4xqsUJSbX5VkaiD7iA%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7Cm1q36KpuZhojlioUa2XU8AN2ZuOIxTzLIZR1PMLbYtp6QNRPDBc3cfS7XMjYYwnwRjz-MZ0XDYoe40auW8YT0hieTEOOgRocu2zvzkXzLGOKt7bevccqn-RZgmC9d_eXRX7jdcqrcx9WoCiSXKEbijrBatJvjlv6mpXCp4GMqQob6iTdjkwCVNOxOEkWr6EZtJkHu1RmDL2JvjskhdqwNaSEDca7FfnFTL4lqDb5ykQ%3D%7C&hint=&td=&cc=CH&wsip=2886931729&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NufozNuN&&rc=0&ksu=207&fdkt=307&kwd[]=Best%20Firewall%20Software&kwt[]=307&kbc[]=60134&kwp[]=1&kid[]=3467429&kbc2[]=0%7C%7Cactr%3D0.006%7C%7Cps%3D0.782%7C%7Crpc%3D1.44%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=2&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Cyber%20Security%20Risks&kwt[]=267&kbc[]=139812&kwp[]=3&kid[]=68172917&kbc2[]=ps%3D0.558%7C%7Crpc%3D0.15%7C%7Clvl%3D3.15&ktd[]=274894815488&kwd[]=Private%20Internet%20Browsers&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=316522968&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.12%7C%7Clvl%3D2.74&ktd[]=274911658240&kwd[]=Free%20Software%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=11660601&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.13%7C%7Clvl%3D3.25&ktd[]=274911658240&rand=1613037533616&cid=8CU5BD6EW&vwid=1613037532979678795&vi=1613037532979678795&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037532192201431&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532589&upk=1613037532.12101&hvsid=00001613037532589031140534832119&verid=111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037533619&vgd_ltime=1037&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886942280&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=320&vgd_y_pos=3466&vgd_ren_page_h=5312&vgd_cty=ZURICH&vgd_l1hcsd=N8%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200311&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=630_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037532979678795%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D733976884%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D3%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A630%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:53 GMT

POST
H2 200 log
navvy.media.net/ Frame ACF8 807 B
997 B 453ms
362ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:53 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame 31E5 88 KB
29 KB 43ms
43ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
DATA 200
OK truncated
/ Frame 31E5 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 31E5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame 31E5 2 KB
2 KB 30ms
30ms Font
font/woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet1/bullet1.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1792
expires: Fri, 12 Feb 2021 09:58:53 GMT

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame DE05 88 KB
29 KB 48ms
47ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-10
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 11 Feb 2021 09:58:53 GMT
content-length: 29185
expires: Thu, 25 Feb 2021 09:58:53 GMT

GET
DATA 200
OK truncated
/ Frame DE05 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE05 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame DE05 2 KB
2 KB 30ms
30ms Font
font/woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet1/bullet1.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1792
expires: Fri, 12 Feb 2021 09:58:53 GMT

GET
H2 200 pubads_impl_2021020801.js
securepubads.g.doubleclick.net/gpt/ Frame 6ABE 134 KB
0 89ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 09:37:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103421
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:53 GMT

GET
H2 200 pubads_impl_2021020801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C1E3 288 KB
101 KB 116ms
63ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2d8a5cf0e0ee804d8ffc7cffa8ba1ec6dc69f7a7e20afefc16eb947c36aab149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 09:37:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103421
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:53 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://securityaffairs.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://securityaffairs.co
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1583
date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET json
gum.criteo.com/sid/ Frame 6ABE 0
0

GET arj
pixfuture2-d.openx.net/w/1.0/ Frame 6ABE 0
0

GET trinity.json
apex.go.sonobi.com/ Frame 6ABE 0
0

POST prebid
ib.adnxs.com/ut/v3/ Frame 6ABE 0
0

POST translator
hbopenbid.pubmatic.com/ Frame 6ABE 0
0

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 31E5 15 B
216 B 32ms
31ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532667031140534833214&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNhUQ3X73jrqKZfOOwNNQ7ddzclCfJW03jH9xzmEecX41nq3j2zk4IqEvVDWExaBHYu&lpid=&tsid=1&q=&prv=&type=&ps=&cme=Aooh5nRzPxWfwhIbOhKgiT4oLqnSAaRp-T97VxzcvgAa3PBIcUXVg6FNF_mky77s9W1z6WPlVuVpoRhmlaCJ6SJ0z__YrFVOvS3s6S56ZMVKL78AvatM9HJPXQ5PfJMu4H1jqu8Nzp61Wan-4ral8vh3ZPAa1c6Oz-oLOupUf1y7g_warORlFdciH4kz12NrPTcczej1e_S76fK4kYWEQQ%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7CdRVVu3jGf07folC34i54v9GsJXeYbChUWcgxFSIO8Js13fUsOlvlitTo40Tp_YIADUPry4Act-8JMLi-mYkRyyPC3QGI0zmCg2kMTmS13nMYzA2g0UpRBqpVFGglD7qgj2VYgNQ2o6gnDHl-MLd9jwAuX9LmepOz0MUSNi3gBjbUVjF0AEMGCgFcVeqR-PTunm0PIQaQJCC6oiZgNzuxJs_G-NJ-tlE1oduUvHvkslY%3D%7C&hint=&td=&cc=CH&wsip=2886942280&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NufozNuN&&rc=0&ksu=207&fdkt=307&kwd[]=Best%20Firewall%20Software&kwt[]=307&kbc[]=60134&kwp[]=1&kid[]=3467429&kbc2[]=0%7C%7Cactr%3D0.006%7C%7Cps%3D0.782%7C%7Crpc%3D1.44%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=2&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Cyber%20Security%20Risks&kwt[]=267&kbc[]=139812&kwp[]=3&kid[]=68172917&kbc2[]=ps%3D0.558%7C%7Crpc%3D0.15%7C%7Clvl%3D3.15&ktd[]=274894815488&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=267&kbc[]=139812&kwp[]=4&kid[]=30219595&kbc2[]=ps%3D0.558%7C%7Crpc%3D0.14%7C%7Clvl%3D1.00&ktd[]=274894815488&kwd[]=SSN%20Name%20Change&kwt[]=267&kbc[]=139812&kwp[]=5&kid[]=162203456&kbc2[]=139812%7C%7C%7C%7Cps%3D0.558%7C%7Crpc%3D0.30%7C%7Clvl%3D1.00&ktd[]=274894881024&rand=1613037533910&cid=8CU5BD6EW&vwid=1613037531463495295&vi=1613037531463495295&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037531114793157&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532667&upk=1613037532.12101&hvsid=00001613037532667031140534833214&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037533914&vgd_ltime=1249&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886930492&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-647633027%7CDIV&vgd_x_pos=980&vgd_y_pos=723&vgd_ren_page_h=5312&vgd_cty=ZURICH&vgd_l1hcsd=A15%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200205&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037531463495295%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D647633027%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D3%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:53 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:53 GMT

POST
H2 200 log
navvy.media.net/ Frame 31E5 807 B
997 B 193ms
192ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:54 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:54 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 23ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://securityaffairs.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://securityaffairs.co
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2036
date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C1E3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=jXeUpXxCcmY3Ujk3OW1SdVlyNEExUm1WOVBNUVpMeXl3Z3N2UGtrMmV3UHZMdXJuRHhwa0l6Qjk0d1BaeXp4SEtvNXZlMjYrNm5GdyszbHRIWHNOZC9WTEtmVHEwaUdRWFJ1M2FLc1RBZmJoZ2xUZEZqUjZVSTVTRHozQk...

358 B
634 B

108ms
37ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jXeUpXxCcmY3Ujk3OW1SdVlyNEExUm1WOVBNUVpMeXl3Z3N2UGtrMmV3UHZMdXJuRHhwa0l6Qjk0d1BaeXp4SEtvNXZlMjYrNm5GdyszbHRIWHNOZC9WTEtmVHEwaUdRWFJ1M2FLc1RBZmJoZ2xUZEZqUjZVSTVTRHozQk5qY1lxNmI5NitJZXVETGVBblBzQ3RKVXFQZk5yT2thbG1PeENNL3NtQVArQi9yOTFQbDBnTmw5cHJUUWtjQWxSZDhtSENaRGpwQ0lRU3VtWVgxWTZCL1JxOER6YzhTa0pqNzB3a0JFejJHV1orNzMvc3JzPXw&cppv=2

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

18d6bb1156cfa6144a03a37eebb9510ff7dacc8be482909cfb3949a4b65389bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 11 Feb 2021 09:58:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2344
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 11 Feb 2021 09:58:53 GMT
location: https://mug.criteo.com/sid?cpp=jXeUpXxCcmY3Ujk3OW1SdVlyNEExUm1WOVBNUVpMeXl3Z3N2UGtrMmV3UHZMdXJuRHhwa0l6Qjk0d1BaeXp4SEtvNXZlMjYrNm5GdyszbHRIWHNOZC9WTEtmVHEwaUdRWFJ1M2FLc1RBZmJoZ2xUZEZqUjZVSTVTRHozQk5qY1lxNmI5NitJZXVETGVBblBzQ3RKVXFQZk5yT2thbG1PeENNL3NtQVArQi9yOTFQbDBnTmw5cHJUUWtjQWxSZDhtSENaRGpwQ0lRU3VtWVgxWTZCL1JxOER6YzhTa0pqNzB3a0JFejJHV1orNzMvc3JzPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1755
content-length: 482
expires: 0

POST
H/1.1 200
OK cookie_sync Show response
prebidserver.pixfuture.com/ Frame C1E3 275 B
647 B 361ms
119ms XHR
application/json 157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/cookie_sync
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a99e7d178fd19b946a936a0f64d31a1af2e843b889ab515ada00d38622c5d67

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:54 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 275
Expires: 0

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ Frame C1E3 105 B
462 B 377ms
135ms XHR
application/json 157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5cccb4d50b6112bff3fa3c375677185b5453f42840c36648149f078e144ffe60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:54 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 105
Expires: 0

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame C1E3 173 B
360 B 101ms
101ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2b7a9bbb-6eaf-4d81-9fc4-a40cba6b22aa&nocache=1613037533981&pubcid=2c059beb-2890-450c-95a1-475a66ab2fc7&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x250&divIds=24270x300x250x4142x_ADSLOT1&auid=540580840&tps=bXlrZXl3b3JkPWZvcnRpbmV0LGFkZHJlc3Nlcyw0LHZ1bG5lcmFiaWxpdGllcyxmb3J0aXdlYix3ZWIsYXBwbGljYXRpb24sZmlyZXdhbGxzc2VjdXJpdHksYWZmYWlycyZteW90aGVya2V5d29yZD1mb3J0aW5ldCxhZGRyZXNzZXMsNCx2dWxuZXJhYmlsaXRpZXMsZm9ydGl3ZWIsd2ViLGFwcGxpY2F0aW9uLGZpcmV3YWxsc3NlY3VyaXR5LGFmZmFpcnM%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 62af7d8a31370aa1d71c8ce4fa043a66a22dff73c29ac057726a8a904514dd6b

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:54 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://securityaffairs.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C1E3 1 KB
2 KB 172ms
53ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226b61e9eb21f4c5%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&s=ee548326-4a1c-44a0-95b2-a0b7c9910c0e&pv=22ef3f91-f5a9-44bd-8f3d-1e70bcec0e05&vp=mobile&lib_name=prebid&lib_v=4.19.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%222c059beb-2890-450c-95a1-475a66ab2fc7%22%7D&kw=fortinet%2Caddresses%2C4%2Cvulnerabilities%2Cfortiweb%2Cweb%2Capplication%2Cfirewallssecurity%2Caffairs

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f7a97f7227c1a9fc4184df17098d638826b69d64787161e82405e5c0942a710e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 590
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame C1E3 62 B
661 B 226ms
168ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_300x250&cmd=bid&secure=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 1837567a93174d0f1a29034210b21ade0e4175641778366451ebf3c3a8f3e89c

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Feb 2021 09:58:54 GMT
Server: ATS/7.1.2.128
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C1E3 0
61 B 65ms
63ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.co
date: Thu, 11 Feb 2021 09:58:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C1E3 19 B
718 B 30ms
29ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:54 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid: ac7bc317-4518-476c-861c-558ca8fa99ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame DE05 15 B
216 B 29ms
29ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001613037532659031140534834962&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYII_N1qR1CNhUQ3X73jrqKZfOOwNNQ7ddzclCfJW03jH9xzmEecX41lFWbQnfSL0vqeFkXPq6JMF&lpid=&tsid=1&q=&prv=&type=&ps=&cme=jVoyHBqLMPtanpmwjvPButv0gauq2TlE3HQDVrjXz-lLocrZRPTQ3q7Y9fACq1HYCG5MJpvtGlcobnsqrvoF4AnWWMMgM0618OGgij29XICPp3RUbyh2CvQf2J5n8aALk517WNUaBRAUY61Pp4eg2-dg1XM3iJwebAQpcwMoFB4IsJ088GGPAlwyHy-cMvcHI2gZLIK6iSCnTPcWpo6nOg%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CcO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek%3D%7CN7fu2vKt8_s%3D%7CblP5fgEGu05pESWiK-eAUKEl_1O417oyC68iDziITPmEWEXoBDUcs25omwcTr3gcQ7jnfVuwfZ9pnmR_II-DrSCxijN1F88ebJvV33xCSeSojGkVLUq_Fd6hOknT1VdoGccoDnxsesVyQE5I8SlbTCIN5G0TGynLlALo-vmOKXp6s1TqJk15MVlDC-7muz90DkBS-843ZpSvpoXnKd7PW_Mkn7O5mPQE%7C&hint=&td=&cc=CH&wsip=2886930492&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NufozNuN&&rc=0&ksu=207&fdkt=307&kwd[]=Status%20Of%20My%20Application&kwt[]=307&kbc[]=126474&kwp[]=1&kid[]=27072336&kbc2[]=0%7C%7Cactr%3D0.155%7C%7Cps%3D0.782%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=3573429698816&kwd[]=Windows%20Server%20System&kwt[]=244&kbc[]=1203023066&kwp[]=2&kid[]=30903458&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Internet%20Security%20Cameras&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=15280835&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Privacy%20Security%20Software&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=23173568&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Private%20Internet%20Browsers&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=316522968&kbc2[]=ps%3D0.576%7C%7Crpc%3D0.12%7C%7Clvl%3D2.74&ktd[]=274911658240&rand=1613037533996&cid=8CU5BD6EW&vwid=1613037531412607332&vi=1613037531412607332&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1613037531114793157&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1613037532659&upk=1613037532.12101&hvsid=00001613037532659031140534834962&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=100&matm=1613037534000&vgd_ltime=1344&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886940244&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-184323154%7CDIV&vgd_x_pos=980&vgd_y_pos=413&vgd_ren_page_h=5312&vgd_cty=ZURICH&vgd_l1hcsd=A15%7C992&vgd_sethcsd=A16%7C983&vgd_cfud=200205&vgd_is_amp=0&vgd_icat=618&vgd_spcat=500436&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1613037531412607332%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D184323154%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D3%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f114233%252fhacking%252ffortinet-fortiweb-flaws.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:54 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:54 GMT

POST
H2 200 log
navvy.media.net/ Frame DE05 807 B
997 B 201ms
200ms Other
image/gif 52.52.52.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:54 GMT
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
content-length: 807
expires: Thu, 11 Feb 2021 09:58:54 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 41ms
41ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1220
date: Thu, 11 Feb 2021 09:58:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1

200
OK

setuid
prebidserver.pixfuture.com/ Frame C1E3
Redirect Chain

https://cm.mgid.com/m?cdsp=363893&adu=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dmgid%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%7Bmuidn%7D
https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=l1bS4C1b42W1

36 B
36 B

361ms
120ms

Image
text/plain

157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=l1bS4C1b42W1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:54 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 36
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:54 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 33995cb6-6aac-4727-b691-b616a8690165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=l1bS4C1b42W1
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fd36ce1a2823af-ZRH
content-type: image/gif
cf-request-id: 08322094cf000023afba001000000001
server: cloudflare

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 28ms
27ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=_YKDcwgjbfH54029l0LWa_LOErwCHxjyK-BOfbh4IqDE5Dg0Ioa4wSaK3FjJ_53fC-FLwJGKIeZNQNCBMDWVR093Qf4mwEJ05S5zmd77MkUWkvRPUnPbvCUYrTNMyUzHRs6iErxiOsC6SW97qvoohRQloadtA2_Sh1e1xCJdDxSFKn0MZ3zrKA-GQvQFDEMOvEUJdh0mps8VVcFgTsDQBA==||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|cO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek=|N7fu2vKt8_s=|3gmNM4uC7bvofyKWJRxPpkVkVcVhjm7BAZ1M5q8Xmso78hxt4iBm-lbxEpOiRBN62OmtGj6_zSPWmqOk4OHttQl0H6ng2icdMIRK8f5eOEcLO-rfN66NyQawvss_dwxuno65E8uOIsFGvu4z5NJIeDiWSm7oS0XZqX026TfzO4KjXRTrYnIsHuBbsWzea1oZGQO-vF7VTX5h4OZj79s_XFwku4ZUEq95z5javRLGOf0=|&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=829833831&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vi=1613037531950196446&ugd=4&cc=CH&sc=ZH&startTime=1613037532303&l2type=setting&vgd_l1rakh=1613037531114793157&l1ch=1&sttm=1613037532316&upk=1613037532.12101&hvsid=00001613037532316031140534834256&verid=4121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A15|992&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&l2ch=0&l2wsip=170721381

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:54 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DA1E 56 KB
19 KB 118ms
86ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

af842f2dce69fa0f994e975cfa26804b9e07c0bf1bf7119b3dd2377b056b41b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "780 / 858 of 1000 / last-modified: 1612998653"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19120
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame C1E3 5 KB
5 KB 120ms
119ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v973
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: edf4cc2a6568cffbf6b0c85cea42adb62f64a6f84c1643a30a2e603272f915c7

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:58:54 GMT
Last-Modified: Wed, 10 Feb 2021 19:17:31 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6024314b-1229"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4649
Expires: Sat, 13 Feb 2021 09:58:54 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 123ms
122ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsOAzHIQOwCshATAPo44CcD9AHHCS3kqpgGYw5k6DABds+IiQrU6jZjjYc8NFgCMqcFqVU44VNAzCEw5XrzAATHGhwAWUi0tqH3YSP7RBPURfEFiZJS09Eys7IScNFQAhjikvKpwjLzRLGyEvGhopHjRtmRoeI5UVITkrpgiFh5eYADW0diqvHBotlRsALR4bbyd9GCqndHRYHDdFEy2DOQMjizc9aoCyGgAbijYwAA6IAA2GGjRezQoIhgATtEA5mC70LvNre1dPbZ9A0MjYxOzDNOzea7RC7FBgFAoACWGAAdqdzldbvdHi02h1xm8PjhBsNRhjJv8ZnMwCxgbtMBg6pCwDQLNERNFkSAnmjXr1+tivnjflMiUCQABfbgNJqoixgNAY9mfTosWxwcjdXgMNAsXhyyixYXLTyrNZbXYHI4nM6XG53GAo1riyXdaWc2XyxV4ZWq9W2TU4MmocFQ2Hws1Iy3MsUSqXvDk4uUKpUqtUawixb0Uqk0ukMpksm3hrFRp2xt0JpOC7jXdwwADacEQ1drNZrAF1kGXNtAK4I652m6gRK2q-Xqx3G8gJSIALbYPBzVwMkQAVz7pUQDG7AC9GrqQAAHa7YfUjmH62Bb0sACz8kkC1HIcHyhEI9k0syo5WQvfE7TmcFItjwL-ICzIBsk4AHRwCBEQ4NwxwwIQyCZDA-QjiIkICP4UhBEIIi7tA1aoHUF4BNIwRyGESiLJCJ6wAo5AgTg5B4HRFB0d+ixzhuXhzqhuEjmseyVqAMLRGOYBNJCFjihcNDidw6YbqAqjiZJ0m+NAMJznsexAZCKmERhhCMFQeARBQpCkIKAqIIJwmibAikSWAUkycgckwApSmObpakaVpIBrDpMnUehV70Sw9GsGFFlWSAQkiWJDlOb4Ln0vJzIeYlMDqZp2lebgwXSIwN6MHgti-lF1lxXZ6W6clDJuWlCVeVlvn+blEhEUEDCkAweAON15QCpZFW2Q1ynOSArnQO5jWBc1OWBXll4FbYOBGd+95UOVMU2fFY1JRNKX1fZe2ZT582qYtHUGb+D4zFQMwWd2KB7GcelXi+7DcHsNTnW9y3GQC92viAaALiIuUsAAwgAquQABCAAieAAKIAOqlmgaFLZQHphcgACOtleLw3FwAKQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:54 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 123ms
123ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgtgniBcDasEYA0BmATABiQTgKxdwQA4kB2ANiIF0lY1VzSkjtk1yMAWJNI3TmrBQMmLNkXLIUCGYO7oseLCnzLS+QbhxEsCXlk4Jh5cikHltu-WTTDspMzRAB3AI4xYTyACcPTgMZg-gBGMCDEnOjS-CBIIP7eYAAOHuGSKBgo6tJKCNjknJzkAPpgAIYAlgB2xQixaUaZ2XnsKETqpKSllTVo9QjpTbjRRAiExKPd1cUo-YNZw2j2+aTteFM1nHONC9KG7BgO6BvFuNsZuwhFKJx4S7gn5CBOZQA2AC4eWN9IPxhOAGcAPYwCwgCoANxg9BAAPeZXeAFcAR5hGjUBjhHknAAvMowZAgJIAczCULiAFMqlDoET6sSABZhAY7bJofCRFA3UgYPjYdn1d4o2lXJY6UhFdm4Ij1CHCkDkAB0GEVbTqcTeMGEIAAZv4YABaQkU94VAnzNlxOGk6BYWEAa2ZFsWtTyrGIGEyEnqFIqKRFfEVYyVCHUQcOPsR+OghMRZttlIhrw8oCqZTAFLCwQqABMcxTvMVc-Ucwjo6Bs3mC0WczAqojXq84hCKjWnazhi1TO1cJ0QABfftIVPpzO0yv5wvFuKl+EwCu5ydt6D1xvN1vFkXOkZjGREUYDocjjNZxfV6cgWflkAT8+1lcNpsgFvLhoXZq5fKFJ6D4cgNMnuOZ5TrWM5lvON7Acuq5Pi+m5vkM6DLIwaxnL+x5jpBVYgSW4HQAu2HQY+66viy76dvsHBHH06H-qOp6EReV4QbeOEPmuz4bveCGXNcty4Pch6Aq8cLtuR6CqPUrw6gSJHwWRiFXKY-GCXE-jIu8r5EAAwgAqrgABCAAi5AAKIAOr0vqMbbkUnAwq4Y6Ejq8YYP2QA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:54 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H3-Q050 200 pubads_impl_2021020801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DA1E 288 KB
101 KB 33ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2d8a5cf0e0ee804d8ffc7cffa8ba1ec6dc69f7a7e20afefc16eb947c36aab149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 09:37:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103421
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame DA1E 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=securityaffairs.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DA1E 109 B
247 B 28ms
27ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DA1E 42 KB
11 KB 499ms
499ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3237310342448613&correlator=4042424917633942&output=ldjh&impl=fif&eid=21068773%2C21068891&vrg=2021020801&ptt=17&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210211&iu_parts=330713950%2C300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=securityaffairs.co&bc=31&abxe=1&lmt=1613037534&dt=1613037534798&dlt=1613037534421&idt=355&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=320&adys=3219&adks=1482078445&ucis=cwd3ztki3qnq&ifi=1&ifk=276104868&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&top=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1518688872.1613037532&ga_sid=1613037535&ga_hid=844802216&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

def2bdad819d90c34a512f0ba96df4116b1c4d5088202f4a8778c075b4da1419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10686
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DA1E 0
0 52ms
17ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DA1E 0
0 26ms
6ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 28ms
28ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=Aooh5nRzPxWfwhIbOhKgiT4oLqnSAaRp-T97VxzcvgAa3PBIcUXVg6FNF_mky77s9W1z6WPlVuVpoRhmlaCJ6SJ0z__YrFVOvS3s6S56ZMVKL78AvatM9HJPXQ5PfJMu4H1jqu8Nzp61Wan-4ral8vh3ZPAa1c6Oz-oLOupUf1y7g_warORlFdciH4kz12NrPTcczej1e_S76fK4kYWEQQ==||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|cO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek=|N7fu2vKt8_s=|dRVVu3jGf07folC34i54v9GsJXeYbChUWcgxFSIO8Js13fUsOlvlitTo40Tp_YIADUPry4Act-8JMLi-mYkRyyPC3QGI0zmCg2kMTmS13nMYzA2g0UpRBqpVFGglD7qgj2VYgNQ2o6gnDHl-MLd9jwAuX9LmepOz0MUSNi3gBjbUVjF0AEMGCgFcVeqR-PTunm0PIQaQJCC6oiZgNzuxJs_G-NJ-tlE1oduUvHvkslY=|&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vi=1613037531463495295&ugd=4&cc=CH&sc=ZH&startTime=1613037532666&l2type=setting&vgd_l1rakh=1613037531114793157&l1ch=1&sttm=1613037532667&upk=1613037532.12101&hvsid=00001613037532667031140534833214&verid=3121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A15|992&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&l2ch=0&l2wsip=2886930492

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:54 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 28ms
28ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=jVoyHBqLMPtanpmwjvPButv0gauq2TlE3HQDVrjXz-lLocrZRPTQ3q7Y9fACq1HYCG5MJpvtGlcobnsqrvoF4AnWWMMgM0618OGgij29XICPp3RUbyh2CvQf2J5n8aALk517WNUaBRAUY61Pp4eg2-dg1XM3iJwebAQpcwMoFB4IsJ088GGPAlwyHy-cMvcHI2gZLIK6iSCnTPcWpo6nOg==||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|cO7PSE2SyRvN_W0GSxiKRv7SLHO6TAsYZSPKzYUQ3mOIAWd37OT8oWMynGCZoMAiT9Vc5kBulXWmudu5Orb6H1JIcIZd3MEGpvmWBOapeek=|N7fu2vKt8_s=|blP5fgEGu05pESWiK-eAUKEl_1O417oyC68iDziITPmEWEXoBDUcs25omwcTr3gcQ7jnfVuwfZ9pnmR_II-DrSCxijN1F88ebJvV33xCSeSojGkVLUq_Fd6hOknT1VdoGccoDnxsesVyQE5I8SlbTCIN5G0TGynLlALo-vmOKXp6s1TqJk15MVlDC-7muz90DkBS-843ZpSvpoXnKd7PW_Mkn7O5mPQE|&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&vi=1613037531412607332&ugd=4&cc=CH&sc=ZH&startTime=1613037532657&l2type=setting&vgd_l1rakh=1613037531114793157&l1ch=1&sttm=1613037532659&upk=1613037532.12101&hvsid=00001613037532659031140534834962&verid=3121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A15|992&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&l2ch=0&l2wsip=2886940244

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 11 Feb 2021 09:58:54 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 997F 180 KB
51 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 511794
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:49:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:49:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 997F 13 KB
5 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 65723
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 997F 90 KB
27 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 511823
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 997F 3 KB
1 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 65735
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 997F 41 KB
13 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 65753
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:02 GMT

GET
DATA 200
OK truncated
/ Frame 997F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1423f2573b3d77e48b945b33eac6a8b71681a08beab2320bb81350407303da8

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11734424340383138941
tpc.googlesyndication.com/simgad/ Frame 997F 19 KB
19 KB 36ms
21ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11734424340383138941?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qltMyRnIGC6-cjsDT5hIzxkoHFrzQ

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e592fdf2602f61b85df0ce1ab4c3e75efd86d78ec976e5d68e095ef693baf65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:57:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jun 2020 21:45:15 GMT
server: sffe
age: 594114
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19606
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:57:01 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 997F 2 KB
3 KB 34ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Feb 2021 12:56:43 GMT
x-content-type-options: nosniff
server: cafe
age: 75732
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 11 Feb 2021 12:56:43 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 997F 295 B
389 B 34ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
server: cafe
age: 19997
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Feb 2021 04:25:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 997F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6GXUg2RRfY47F0-VQHithSIfIjZGTNOfylEpoNCWZCp0zUX1pGyUAzQPeog1D2526qRP8
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 997F 0
0 60ms
60ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw0A73v8kYOX6M5ejx_AP1YCtqAnTyN2xYemEvZ6PDc3P2_7qIBABIKOHlh5g9ZXOgeAEoAGSmav8AsgBAuACAKgDAcgDCKoEogJP0Ou50GPGNuV9uBRXOy6Sir0bF8lHbRjEiKS6bXSI46c8Q-BZRurqf1fzAUCLBH1HKU-gESFSZ88KmWutd-Jk96PtehPZAaQ-0lR_1A4FVQnWiwXhcS8qVv3M7vlj21VVKVHYyPd0COcHFk_LZjSIhcf9p3Lz0nbF4OuAxTDC0otnEZ2MOLPgL872EIOjjX7TeIrNcqwcLTkqCcsYuEforamp7Qydh9WOwbSLQJJ93dzBDNYbVbMH3UNZMHD1vczRRm5jYqpbUwisDyu7fWnUBq-gVoFTF4iSiKGoN7JwPwOOw3H5ibbx4PCIfeAF__miWYvsHRlR-0WhCo2AMKqqJT2EOt-AoapfjlrQqxi2T2X5zDNZLEK_WiPJbdldQPqxTsAEp8mSkqsD4AQBkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMGfFdIICQiA4YBAEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0xNTc1OTExNTg1NDMyNTQ4&sigh=qVa8M6jCbDM&tpd=AGWhJmvAy19PpgbR2P8-hl-qFXjmkFHcxFWZzvgqGGZJQTMuxg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA1E 8 KB
7 KB 52ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb32b5bfb800d4704067801ab1b8d7f454f68767033e3e259f3dd6d85849580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6423
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA1E 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:58:55 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 997F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 11 Feb 2021 09:58:55 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame C1E3 0
222 B 69ms
30ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame C1E3 109 B
544 B 136ms
44ms XHR
application/json 18.200.32.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-159.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b17127645e28e1b26c3ec346f1c7ac17460c4e045792d8a8f833d62a6563c4ac

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 13 Mar 2021 09:58:55 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 5D62 0
0 29ms
28ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=165242
Expires: Sat, 13 Feb 2021 07:52:57 GMT
Date: Thu, 11 Feb 2021 09:58:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 639A 0
0 114ms
57ms Document
text/html 184.30.20.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.185 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 12 Feb 2021 09:58:57 GMT
Date: Thu, 11 Feb 2021 09:58:55 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 957F 0
0 43ms
40ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2c059beb-2890-450c-95a1-475a66ab2fc7|1613037534
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2c059beb-2890-450c-95a1-475a66ab2fc7|1613037534; Version=1; Expires=Fri, 11-Feb-2022 09:58:55 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1613037535|gekin0vNiygu; Version=1; Expires=Fri, 26-Feb-2021 09:58:55 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 11 Feb 2021 09:58:55 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=1cef4122-68b2-4e07-a4c6-04a92d899c77&pubid=0b24fdfc82

49 B
927 B

192ms
38ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=1cef4122-68b2-4e07-a4c6-04a92d899c77&pubid=0b24fdfc82

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=1cef4122-68b2-4e07-a4c6-04a92d899c77&pubid=0b24fdfc82
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471592425439203

49 B
914 B

206ms
41ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471592425439203

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471592425439203
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NjNlYmJkOWMtNjIwMy00MDA3LTkxMWEtYTE0MWZhZjRkYzA1
https://sync.go.sonobi.com/usg.gif?google_gid=CAESELFIGbYaMjFD48pGfVLvvLo&google_cver=1

49 B
921 B

249ms
41ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESELFIGbYaMjFD48pGfVLvvLo&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESELFIGbYaMjFD48pGfVLvvLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=63ebbd9c-6203-4007-911a-a141faf4dc05&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bFh4cWtJNnBxakx4VE5wa08yeExUdw&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOLIDw3orBQBYrh9r0B95mI&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=5nqnAGyWlnX4

49 B
903 B

41ms
40ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=5nqnAGyWlnX4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=5nqnAGyWlnX4
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-tl5g8
expires: -1

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=60a3d172-4d9b-48a0-b7df-5d27abe641f6
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=60a3d172-4d9b-48a0-b7df-5d27abe641f6
https://x.bidswitch.net/sync?dsp_id=4&user_id=6936ae6f-568b-4284-a578-8ad86003c799&ssp=sonobi&expires=30&user_group=5&bsw_param=60a3d172-4d9b-48a0-b7df-5d27abe641f6
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60a3d172-4d9b-48a0-b7df-5d27abe641f6

49 B
927 B

58ms
58ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60a3d172-4d9b-48a0-b7df-5d27abe641f6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=60a3d172-4d9b-48a0-b7df-5d27abe641f6
date: Thu, 11 Feb 2021 09:58:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2967823111
https://sync.1rx.io/usersync/tradedesk/1cef4122-68b2-4e07-a4c6-04a92d899c77
https://sync.targeting.unrulymedia.com/csync/RX-2b94950d-8829-471e-935d-eb64f947c2af-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-2b94950d-8829-471e-935d-eb6...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-2b94950d-8829-471e-935d-eb64f947c2af-003

49 B
934 B

42ms
41ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-2b94950d-8829-471e-935d-eb64f947c2af-003

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 11 Feb 2021 09:58:56 GMT
Server: Tengine
ETag: RX2b94950d8829471e935deb64f947c2af003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-2b94950d-8829-471e-935d-eb64f947c2af-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame C1E3
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3a076024-ffdf-4900-8233-b12d3c511f14

49 B
931 B

177ms
54ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3a076024-ffdf-4900-8233-b12d3c511f14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 11 Feb 2021 09:58:55 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3a076024-ffdf-4900-8233-b12d3c511f14
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 11 Feb 2021 09:58:54 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D356 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Feb 2021 09:09:39 GMT
expires: Fri, 11 Feb 2022 09:09:39 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2956
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame C1E3 0
46 B 32ms
32ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame C1E3 108 B
647 B 44ms
44ms XHR
application/json 18.200.32.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-159.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8dc4258e4791fe2d63620896e13e6e663ee5dc04576a6166581bf0e43af8cf36

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Feb 2021 09:58:55 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 13 Mar 2021 09:58:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA1E 0
143 B 125ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020801&jk=3237310342448613&bg=!NTalNnXNAAWP4B5EjzsAKQB2-DxayqOG8iazjMaoAr0cs6elPDFOJa-dyGrd2wc4hxOULxatu0qtAgAAAH1SAAAAGWgBBwoAAZ-ZAiX93_5BijVqhu9msXq7aUStuT-CwBzkvjbYEaRNKNu3oZCHzIflaiRo9iodTb1Jfnhu5y1Ihcqo67d5unM218_oC7l_MK4ufkuuYtZwg4XjXMxrEgUGENZTQRLbVnCjSQFdAIey0tuuB0SjcouHNVjPdwSuRZ68AKgtNEyYuOZchRFW2-z3MiLispA9s_NECOHP3ixRLr3fQ6Dtekhtx6QTGhN5LA-Pyd593lYzar6Cap0I_g-zT0DwPYTgLG1I6Mr4Qg4xrvldmDHQN3DI3hvZ66oJxUzRTPrY-fOtgGbq5eQ1OHFb5VOS2U08jvETn3F0D3pAp9juSV25pNngH2bwvouHXIm6Ao3OaioOWUvGwdj90thNerze2gmTB0lH1j36yU15hBN2Ch8tbcLDgMfI_xk794lnWH9VXz-lSjujeCmVvxpD0up7LLl4LzyUa9MVz9bi17W9335SC_mqXHKwpEfYXUiqVJs_5ImP2aOI5WYF6gEoIUUBlKNt5qoW7wArwVPzZoPrSzmESi_dqru1f9usL3awSQS7lmG_akp6KNw_I7XxWVh8iVFtS6AqjZIBfbfAdbKIb4G4ThvBgeKfkd1TwcSOQZuJMh325i4rRXz72lSeOgGILspJ0jxjTE1PmG-6dVTnawLzAwgKKQwM-TCVLUwVgp-qZdbBSDU2K1V55uHRbBkCqPFqkQGRW4oT61Hl3HgXxIke2HHJweR-STj9BUg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:58:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 123ms
123ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgZghiBcDaDMB2AbADgAzIJzwEyoBoBGdQ9A8yi6q5AFhsfQF0DwIBnGZNgC15ixc5XEVbgwMXGwCuMmEXho2YAG4wQINgEt10BiA4AXCEZlc4uAKzEs4gF5RoRNgAcA5hvVsApgDs9EFctEHcBaBAiZEV0JCs8K3Q6eBS6RFIrLGsQowtIulwsDEQ6ZGsrVBDVPOQAOnRa+FQiEIgAGxh4FQBjGABaFxAfI20FaPhYxHjpQyNPaHJDAGsNKJi4vAB9IiIsLB2MWNRkEJ9tYIiiVCtaois6oinb9ERTmSdBmVGF31UOuFAfggAFsfBoAEbaAAmUJ8ACdNtCQlDTE5QJCYfDEVCYH4ZG02mxVNpsatxpN4rtcMgmlNEK8AL4MgiAkFgiIY2EIpFsFEmGDo6Fc0nQPEEokkpGXckbO7NKwHZogJkskBA0EQoVYnkgPlokCc7U40X4wkgYkiyIyqbwXaJXb0UrK5msjUcrXcnG81ECg0ekVis0WqVW9Y2wqILDIRCoSNWZ2q9Xsv2Yz3In3QQWpgOmiWWtYTWV0IjUl4pXAJ13Jw1p738zMp4VSwN5kMFim20rwOhYKyFeNM8QcNrGMlh6aJdAhNqSZyt42hws2ohdnt93shbrmIyW1AAYQAqlYAEIAEWQAFEAOohdy9ZzW+LIeIGACO7MGYG+6AZQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:58:56 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame C1E3 36 B
615 B 349ms
118ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v973
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:58:57 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 13 Feb 2021 09:58:57 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 124ms
124ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=161303753250433347085925_N4IgLgDghiBcDaiCMAaADAXSykBLAbnABw4DOYUYArqXPACwBMKSAnBjgF4yyogQBzOCEI4ApgDtCsfiBwCAFsKQA2JAGY06gOwBWdY11p660-W1oiu1obnhaMpE1ZE02+isO6id-A5AqAHRogepESHZQADZw6jgAZgDGcAC0fGJguHCqGlp6BmRgQrBoZADWymqaOvqMAPpIbKyNrlpEKnZiuBDKVoFIukFIev1unVQ8fFRZJeL4MQigElAAtmLCAEa4ACbbYgBOdTt225Q8oFu7B0fbcBJUUVE4+Lg3lbk16myMKmF62toQABfIEoJardYyS57Q7HHCnChwC47GFvWD3R7PV7HRxVPL6AbhXQtcLA0HgtabFHXOEgBHnEDQmm3dEPJ4ibEskA5ar5NhGNgqegeMlgkDLSlQ6mw27ws5IxnStEY9kvNHcvGfRisbSsFTaIi63SiimQxVXGUneWwZEW5VsrHqnn4r70JA-NymRgm8UQql22n0hVMy2szEcp2avkedT0Vi6bXGkEcECkKLkd682pGNB2KLxbKOnEaj7R35xhPxuyJGhgdVEADCAFVdAAhAAiKgAogB1OwCZK8KO6ehofT0HAAR0hfHiMzQQKAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 09:59:00 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
328 B 122ms
122ms Other
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-98-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Feb 2021 09:59:02 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=688ce3e49e5ecefa1cd650833f2ac646

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=688ce3e49e5ecefa1cd650833f2ac646

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=688ce3e49e5ecefa1cd650833f2ac646

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=688ce3e49e5ecefa1cd650833f2ac646

Domain: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fortinet,addresses,4,vulnerabilities,fortiweb,web,application,firewallssecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1

Domain: pixfuture2-d.openx.net
URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3e8035ad-35b9-474d-9d52-fddb2fd6b434&nocache=1613037533896&pubcid=2c059beb-2890-450c-95a1-475a66ab2fc7&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divIds=24272x320x50x4142x_ADSLOT1&auid=540580841&tps=bXlrZXl3b3JkPWZvcnRpbmV0LGFkZHJlc3Nlcyw0LHZ1bG5lcmFiaWxpdGllcyxmb3J0aXdlYix3ZWIsYXBwbGljYXRpb24sZmlyZXdhbGxzc2VjdXJpdHksYWZmYWlycyZteW90aGVya2V5d29yZD1mb3J0aW5ldCxhZGRyZXNzZXMsNCx2dWxuZXJhYmlsaXRpZXMsZm9ydGl3ZWIsd2ViLGFwcGxpY2F0aW9uLGZpcmV3YWxsc3NlY3VyaXR5LGFmZmFpcnM%3D

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224d239dddd01105%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F114233%2Fhacking%2Ffortinet-fortiweb-flaws.html&s=67dddee9-17d5-4282-adec-2c34725cf878&pv=d8b2bb51-4307-475e-8d4b-883532439804&vp=mobile&lib_name=prebid&lib_v=4.19.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%222c059beb-2890-450c-95a1-475a66ab2fc7%22%7D&kw=fortinet%2Caddresses%2C4%2Cvulnerabilities%2Cfortiweb%2Cweb%2Capplication%2Cfirewallssecurity%2Caffairs

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pxlclnmdecom-a.akamaihd.net/	1970-01-23 06:41:45	Name: bafp_t Value: bf0c4280-6c4f-11eb-aae0-6759949598e8
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:03:59	Name: bfp_sn_td_2a17fb019fa8803fcc76a437c68e2235 Value: 1613037532_119911800386_2a17fb019fa8803fcc76a437c68e2235
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:03:59	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1613037532_119911800386_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:03:59	Name: bfp_sn Value: 1613037532_119911800386
securityaffairs.co/	1970-01-20 01:25:37	Name: cto_bundle Value: hoHogl9lTTFvcHVhSVVFNEQ3UXp3bHpScmF6cVRFUUZ4Q1ZORmllU1NZd2hIcVZRRmlvb2NBdTVzZW9RY1lkNUVubGI1MjhCWFlqbDd6STJ5UXpZZjFteG9KOFFZZHVVa1BEeEZJMjJJeG5GUzFNek1KTk53WmQlMkJ6UnlKSE9EaFBkTW9J
.securityaffairs.co/	1970-01-23 06:41:45	Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78 Value: Direct
securityaffairs.co/	1970-01-19 16:47:09	Name: _pbjs_userid_consent_data Value: 3524755945110770
.securityaffairs.co/	1970-01-19 16:03:57	Name: _gat Value: 1
.securityaffairs.co/	1970-01-23 06:41:45	Name: bafp Value: bf0cdec0-6c4f-11eb-8405-6f9c8f8453a1
.securityaffairs.co/	1970-01-19 20:23:09	Name: _pubcid Value: 2c059beb-2890-450c-95a1-475a66ab2fc7
.securityaffairs.co/	1970-01-23 06:41:45	Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1613037532508
.securityaffairs.co/	1970-01-19 16:05:23	Name: _gid Value: GA1.2.1412814851.1613037532
securityaffairs.co/	1970-01-20 01:25:37	Name: cto_bidid Value: VwhXyl9NMmhZdVdQNnpsMDBiVEcwd0hmRFk1ekt1VEI4OWI2Y2RNZk5kZm9HYkRZcU1MbUVwTDVRaUxoY2FtZ2MlMkJsYTIzRUEyNEN4WEN2JTJCOFFSWDl4WEdMZWclM0QlM0Q
.securityaffairs.co/	1970-01-20 09:35:09	Name: _ga Value: GA1.2.1518688872.1613037532
.securityaffairs.co/	1970-01-19 16:03:59	Name: bfp_sn_pl Value: 1613037532\|1_119911800386
securityaffairs.co/	1970-01-19 16:04:01	Name: cookielawinfo-checkbox-non-necessary Value: yes
securityaffairs.co/	1970-01-19 16:03:59	Name: session_depth Value: securityaffairs.co%3D1%7C829833831%3D1%7C816788371%3D2%7C733976884%3D1%7C184323154%3D1%7C647633027%3D1
.securityaffairs.co/	1970-01-19 16:03:57	Name: _gat_gtag_UA_59069958_1 Value: 1
securityaffairs.co/	1970-01-19 16:04:01	Name: cookielawinfo-checkbox-necessary Value: yes

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 69) Message: JQMIGRATE: Migrate is installed with logging active, version 3.3.2
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.blur() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.focus() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.load() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isArray is deprecated; use Array.isArray
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.submit() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.unload() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.trim is deprecated; use String.prototype.trim
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: 'jQuery.easing.swing' should use only one argument
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html(Line 102) Message: CMP IS NOT FOUND!!!
console-api	log	URL: https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html(Line 112) Message: CMP IS NOT FOUND!!!
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isFunction() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isWindow() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.bind() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.offset() requires a valid DOM element
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.change() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://securityaffairs.co/wordpress/114233/hacking/fortinet-fortiweb-flaws.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

246614b52a3ff7ada7842911b6d9b3e3.safeframe.googlesyndication.com
acdn.adnxs.com
ads.creative-serving.com
ads.pubmatic.com
adservetx.media.net
adservice.google.ch
adservice.google.com
apex.go.sonobi.com
api.rlcdn.com
bh.contextweb.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.pixfuture.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
contextual.media.net
dt.clnmde.com
dt6.clnmde.com
eu-u.openx.net
fonts.googleapis.com
google-analytics.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
l.sharethis.com
lg3.media.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
navvy.media.net
p.rfihub.com
pagead2.googlesyndication.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
platform.twitter.com
prebidserver.pixfuture.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
s.w.org
secure.gravatar.com
securepubads.g.doubleclick.net
securityaffairs.co
served-by.pixfuture.com
stats.wp.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
apex.go.sonobi.com
fonts.googleapis.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
pixfuture2-d.openx.net
served-by.pixfuture.com
104.19.134.78
104.90.192.189
142.250.185.130
157.245.94.128
178.162.133.149
178.162.133.150
178.250.0.157
18.156.195.47
18.195.238.30
18.200.32.159
184.30.20.185
184.30.20.198
184.30.24.22
185.29.132.69
185.64.189.112
192.0.76.3
192.0.77.2
192.0.77.48
193.0.160.129
198.148.27.139
2.16.107.72
2.21.242.187
2001:4de0:ac19::1:b:1a
2001:8d8:100f:f000::289
213.19.147.150
213.19.147.151
216.58.212.130
2600:1f18:42df:3a01:6221:c1c3:43e5:87c9
2600:9000:206f:9e00:1c:8a07:5e80:93a1
2600:9000:206f:c400:3:c04e:c780:93a1
2600:9000:2111:d800:c:abe:f440:93a1
2600:9000:2156:2800:c:a9b7:ddc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:b9c
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2004
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
3.127.51.194
34.120.207.148
34.98.64.218
35.156.223.207
37.252.173.22
52.201.98.35
52.52.52.5
68.183.31.14
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
029b3c29c4111c7177d55f5196deb35b99ffd868d2f95b653f97a1418791d10e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
0c08aaa6da093ce3f0f318ad26392a72527e085b7fabb2aa501570abb1ad1a34
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0cd97c6eff332562c46969eac67a630f4bf7830bddcff2c454075300dac0ebef
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
1837567a93174d0f1a29034210b21ade0e4175641778366451ebf3c3a8f3e89c
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
18d6bb1156cfa6144a03a37eebb9510ff7dacc8be482909cfb3949a4b65389bf
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1adbe11da9e3a5cd92bffafdbb8d3812eabe4f5083b8b1958f8706db111280fe
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
24583638f8c4bd2d5dff22bddefbb24f8d047868e71ad2c029b1698b6926c85c
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d5a9aa4eabdb58974140a8dfdacfe1ddb89ae27819ad19e8e148649936dac4a
2d8a5cf0e0ee804d8ffc7cffa8ba1ec6dc69f7a7e20afefc16eb947c36aab149
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3646c751a7ad079832182fa32c57a860e37b28741f885bbc8b8defaa60f95b36
3fb32b5bfb800d4704067801ab1b8d7f454f68767033e3e259f3dd6d85849580
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4fcefc30ccef0288ff52fdb3b45219eeac803bb2d9b3d245a11abd1051d86777
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
56159a7fa211c042c8da7005984653715f938917383f74292247f7b271469fb6
5aeba9338d336232141579f89376941d6a458bbd830be1872160c2a4cb8bd99e
5c5b2ef7e7acfc0a265dc851bef437e0d1198d4083919e0d872ddf0227f01e61
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5cccb4d50b6112bff3fa3c375677185b5453f42840c36648149f078e144ffe60
62af7d8a31370aa1d71c8ce4fa043a66a22dff73c29ac057726a8a904514dd6b
641bed26db8b2720e5abb70db266f010f22e1f569a022b50e9c5dba8486f1091
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
6a99e7d178fd19b946a936a0f64d31a1af2e843b889ab515ada00d38622c5d67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e592fdf2602f61b85df0ce1ab4c3e75efd86d78ec976e5d68e095ef693baf65
73922fda8c07718deb0529697cf132e8778796f47c23a578c01c71d0046f6269
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
750edb76bcb3f472a6fef8902f269f1253f08ea33fba3b018e304bbd249c744e
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
8abd05a2b0e544fd4d9b72bb602b2a0a06855fe9da7717d031ba10536e8494d2
8c3e00f9b85f7f5dbce1b987dfe8310b6db6541e98e62e677880939c4771552f
8c43e551763d3628fab88767caacb3188f69afa8d1290cf3f9d61ab09cb56073
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8dc4258e4791fe2d63620896e13e6e663ee5dc04576a6166581bf0e43af8cf36
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9269d9d5dbdd51323e6d4c5ff36ce0e173383962bbb6fc3e1ca87e144f781a62
936c3e0cfba7a07ab55be383aeca9d39dcde7b4e9cddbfd973f78e34d3cc7078
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9e4a6ba8fbf104beec44e4d5573badfb08bf436aea0b6a6fcc3e85cd84180856
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a902ffc1c259dc54cb51d32618f4238568e5bcac3d32afc33e6729277f67dffb
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af7abdbcee9fe7d9eed8ff21d4a2ef12c31d2c374b77c8c67b1bf7c8b752f925
af842f2dce69fa0f994e975cfa26804b9e07c0bf1bf7119b3dd2377b056b41b5
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b17127645e28e1b26c3ec346f1c7ac17460c4e045792d8a8f833d62a6563c4ac
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b3450970145d515f86434588b11b40e6139dd372bdf54cfea06bf03c30c50f6a
b5c1bcc51a0fc369671760c1e59126004d7f75b1582cdf94e346c833cbbe26d4
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
bb3cc6af6f13fdac2b76ddb393d32a0e2dcbb082e2b98231b30348c13d9b9649
bdec2cf98067424804869b7686735623c4f6fb88ce27718d27619860481b7733
c1c71425fea475e25fa7124254f2f6c063d75b331d4baa5590755d5aae4dea86
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7e2921a37f5c22854cdc05fd93d7bd41779545ab46ea041c4d74c641a1104dd
c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc
c904ae145137bcd692647cce265539739e8ffd9f68bf1b9ec71c08abb7e8dcf5
cb175e0ebd0ac427296d63e4be3a4dc135d1bba28f5229ed7a0183c3f14e31ff
cef6147d9ceb91409c0a2515d4fd1715132e44849ecf448d8b9bdefc72359c95
d1423f2573b3d77e48b945b33eac6a8b71681a08beab2320bb81350407303da8
d44b68c7b3e659196a6a72662f4e2e903044d6e64a6a5c0002602711cd68a8fa
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
ddc2d8842e4e21c1cfe68e168737a5d49b858618ba76e21ba138d67d50492e48
def2bdad819d90c34a512f0ba96df4116b1c4d5088202f4a8778c075b4da1419
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
eb87966d6bb5e4869b7605181665130326730e86a82aef4591371fe6dc57f42a
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
edf4cc2a6568cffbf6b0c85cea42adb62f64a6f84c1643a30a2e603272f915c7
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f441cad51e7ddd328a4d0500a9c3f05f23acb049977aa537bf08afe3d37022b9
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f50163f76459c7f03c069fe703f151d6c833387c08019e3ca48fa762242ffffb
f7a97f7227c1a9fc4184df17098d638826b69d64787161e82405e5c0942a710e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ffe68cc7b6c2510995059071ae4d2c1398450c378d5f548c4722e8f9c72393de

securityaffairs.co Open in urlscan Pro 2001:8d8:100f:f000::289 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

212 Requests

95 %HTTPS

38 %IPv6

38 Domains

63 Subdomains

45 IPs

7 Countries

3477 kBTransfer

6197 kBSize

19 Cookies

18 Outgoing links

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

95 %
HTTPS

38 %
IPv6

38
Domains

63
Subdomains

45
IPs

7
Countries

3477 kB
Transfer

6197 kB
Size

19
Cookies

212 HTTP transactions
13 data transactions