www.fortinet.com Open in urlscan Pro
2600:1f18:1492:1702:852f:d87f:6683:b05a  Public Scan

Submitted URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa#new_tab
Effective URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Submission: On January 16 via api from IN — Scanned from CA

Summary

This website contacted 82 IPs in 2 countries across 68 domains to perform 267 HTTP transactions. The main IP is 2600:1f18:1492:1702:852f:d87f:6683:b05a, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fortinet.com. The Cisco Umbrella rank of the primary domain is 147793.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
66 2600:1f18:149... 14618 (AMAZON-AES)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
22 2600:1408:c40... 20940 (AKAMAI-AS...)
1 4 52.21.234.148 14618 (AMAZON-AES)
1 35.171.214.163 14618 (AMAZON-AES)
1 1 34.216.201.179 16509 (AMAZON-02)
1 63.140.38.236 14618 (AMAZON-AES)
3 2600:9000:27c... 16509 (AMAZON-02)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
7 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:27c... 16509 (AMAZON-02)
4 104.19.148.8 13335 (CLOUDFLAR...)
17 23.205.106.71 20940 (AKAMAI-AS...)
3 23.62.165.92 16625 (AKAMAI-AS)
2 34.86.70.109 396982 (GOOGLE-CL...)
4 52.72.224.227 14618 (AMAZON-AES)
1 2600:1408:c40... 20940 (AKAMAI-AS...)
2 64.202.112.127 23352 (SERVERCEN...)
1 5 172.253.63.99 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.31.149 15169 (GOOGLE)
2 75.2.108.141 16509 (AMAZON-02)
1 4 172.253.115.156 15169 (GOOGLE)
2 172.253.122.97 15169 (GOOGLE)
1 142.251.167.154 15169 (GOOGLE)
4 172.253.63.94 15169 (GOOGLE)
2 99.83.231.3 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 37.19.207.34 60068 (CDN77 Dat...)
2 3.17.249.218 16509 (AMAZON-02)
1 63.140.39.240 14618 (AMAZON-AES)
2 3.171.76.110 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.129.91 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.32.164.86 16509 (AMAZON-02)
3 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 74.121.140.211 30419 (PAEDAE-INC)
2 34.111.208.231 396982 (GOOGLE-CL...)
1 2a04:4e42::485 54113 (FASTLY)
2 44.226.187.177 16509 (AMAZON-02)
3 2602:816:5001... 54113 (FASTLY)
1 44.209.137.118 14618 (AMAZON-AES)
1 146.75.28.157 54113 (FASTLY)
2 2600:1408:ec0... 20940 (AKAMAI-AS...)
7 54.164.212.216 14618 (AMAZON-AES)
1 2 68.67.179.153 29990 (ASN-APPNEX)
1 3 68.67.179.164 29990 (ASN-APPNEX)
1 2600:9000:219... 16509 (AMAZON-02)
3 162.247.243.29 54113 (FASTLY)
21 24 35.194.66.159 396982 (GOOGLE-CL...)
3 3 2600:9000:230... 16509 (AMAZON-02)
3 3 142.251.179.157 15169 (GOOGLE)
2 2 35.211.148.126 19527 (GOOGLE-2)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 52.223.22.214 16509 (AMAZON-02)
1 2600:1f10:4ce... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 13.249.39.83 16509 (AMAZON-02)
1 1 2600:9000:27c... 16509 (AMAZON-02)
1 2 2600:9000:207... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.211 26558 (FREEWHEEL)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 3 2001:4998:14:... 14777 (YAHOO)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 3.224.52.139 14618 (AMAZON-AES)
1 2 3.212.131.240 14618 (AMAZON-AES)
1 2 18.215.77.43 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 172.253.122.156 15169 (GOOGLE)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
3 172.66.0.227 13335 (CLOUDFLAR...)
3 104.244.42.131 13414 (TWITTER)
1 52.22.50.55 14618 (AMAZON-AES)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2 172.253.62.148 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 104.21.48.1 13335 (CLOUDFLAR...)
1 54.203.236.163 16509 (AMAZON-02)
1 18.215.32.25 14618 (AMAZON-AES)
2 31.13.66.35 32934 (FACEBOOK)
2 44.235.191.156 16509 (AMAZON-02)
1 52.12.117.226 16509 (AMAZON-02)
4 4 35.71.131.137 16509 (AMAZON-02)
1 44.237.157.168 16509 (AMAZON-02)
267 82
Apex Domain
Subdomains
Transfer
67 fortinet.com
www.fortinet.com — Cisco Umbrella Rank: 147793
metrics.fortinet.com — Cisco Umbrella Rank: 344000
5 MB
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5037
i.simpli.fi — Cisco Umbrella Rank: 4533
um.simpli.fi — Cisco Umbrella Rank: 866
15 KB
22 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5650
c.6sc.co — Cisco Umbrella Rank: 6635
ipv6.6sc.co — Cisco Umbrella Rank: 5817
b.6sc.co — Cisco Umbrella Rank: 3773
eps.6sc.co — Cisco Umbrella Rank: 13280
v.eps.6sc.co — Cisco Umbrella Rank: 13786
24 KB
22 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 417
153 KB
14 doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 167
ad.doubleclick.net — Cisco Umbrella Rank: 155
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 279
10104846.fls.doubleclick.net — Cisco Umbrella Rank: 380239
9 KB
11 schemaapp.com
cdn.schemaapp.com — Cisco Umbrella Rank: 13448
data.schemaapp.com — Cisco Umbrella Rank: 18918
api.schemaapp.com — Cisco Umbrella Rank: 48450
24 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 342
170 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
820 KB
7 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2632
10 KB
6 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2483
tracking.crazyegg.com — Cisco Umbrella Rank: 4656
41 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 474
ib.adnxs.com — Cisco Umbrella Rank: 274
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
216 B
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3420
wave.outbrain.com — Cisco Umbrella Rank: 3459
tr.outbrain.com — Cisco Umbrella Rank: 3416
10 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 256
fortinet.demdex.net — Cisco Umbrella Rank: 381249
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
insight.adsrvr.org — Cisco Umbrella Rank: 947
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com — Cisco Umbrella Rank: 7068
2 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 4771
px.mountain.com — Cisco Umbrella Rank: 4961
gs.mountain.com — Cisco Umbrella Rank: 10564
11 KB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 12101
256 B
3 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1030
842 B
3 t.co
t.co — Cisco Umbrella Rank: 943
2 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1994
ups.analytics.yahoo.com — Cisco Umbrella Rank: 537
576 B
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 590
2 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 265
1 KB
3 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 633
55 KB
3 contanuity.com
intentstream.contanuity.com — Cisco Umbrella Rank: 84344
tracking.contanuity.com — Cisco Umbrella Rank: 23030
1 KB
3 argusplatform.com
tmp.argusplatform.com — Cisco Umbrella Rank: 377294
pixels.argusplatform.com — Cisco Umbrella Rank: 374429
webtracker.argusplatform.com — Cisco Umbrella Rank: 387693
4 KB
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 26159
ibc-flow.techtarget.com — Cisco Umbrella Rank: 22652
2 KB
3 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 6839
api.omappapi.com — Cisco Umbrella Rank: 6859
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 358
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
75 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 500
506 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 464
832 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 890
895 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1042
781 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2287
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2653
868 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1046
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 525
d.agkn.com — Cisco Umbrella Rank: 796
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 461
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 405
974 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 871
589 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 2819
871 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 785
24 KB
2 demandscience.com
abm-tracking.demandscience.com — Cisco Umbrella Rank: 81063
3 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 9079
654 B
1 steelhousemedia.com
px.steelhousemedia.com — Cisco Umbrella Rank: 13659
319 B
1 siteimproveanalytics.io
6033413.global.siteimproveanalytics.io — Cisco Umbrella Rank: 349065
149 B
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3631
12 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 403
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 88
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 766
569 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1279
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
656 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 885
514 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6998
175 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 498
99 B
1 inzynk.io
tags.inzynk.io — Cisco Umbrella Rank: 206146
435 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1051
16 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 301
14 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3799
712 B
1 mutinycdn.com
client-registry.mutinycdn.com — Cisco Umbrella Rank: 19221
21 KB
1 opmnstr.com
a.opmnstr.com — Cisco Umbrella Rank: 33742
17 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
1 omtrdc.net
fortinet.tt.omtrdc.net — Cisco Umbrella Rank: 351651
841 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1590
490 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
295 B
0 bluekai.com Failed
stags.bluekai.com Failed
267 68
Domain Requested by
66 www.fortinet.com www.fortinet.com
24 um.simpli.fi 21 redirects
22 assets.adobedtm.com www.fortinet.com
15 b.6sc.co www.fortinet.com
11 cdn.cookielaw.org www.fortinet.com
9 www.googletagmanager.com www.fortinet.com
www.googletagmanager.com
7 tags.srv.stackadapt.com www.fortinet.com
js-agent.newrelic.com
5 www.google.com 1 redirects www.googletagmanager.com
www.fortinet.com
4 www.google.ca www.fortinet.com
4 googleads.g.doubleclick.net 1 redirects www.fortinet.com
4 td.doubleclick.net www.fortinet.com
4 api.schemaapp.com www.fortinet.com
4 script.crazyegg.com www.fortinet.com
script.crazyegg.com
4 data.schemaapp.com www.fortinet.com
4 dpm.demdex.net 1 redirects www.fortinet.com
3 match.adsrvr.org 3 redirects
3 px.ads.linkedin.com 1 redirects www.fortinet.com
3 analytics.twitter.com
3 t.co
3 cm.g.doubleclick.net 3 redirects
3 s.ad.smaato.net 3 redirects
3 bam.nr-data.net www.fortinet.com
3 ib.adnxs.com 1 redirects
3 js-agent.newrelic.com www.fortinet.com
3 bat.bing.com www.fortinet.com
3 cdn.schemaapp.com www.fortinet.com
2 px.mountain.com www.fortinet.com
2 www.facebook.com
2 connect.facebook.net www.fortinet.com
2 10104846.fls.doubleclick.net 1 redirects www.fortinet.com
2 us-u.openx.net 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 ups.analytics.yahoo.com
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 capi.connatix.com 1 redirects
2 ads.creative-serving.com 2 redirects
2 secure.adnxs.com 1 redirects
2 snap.licdn.com www.fortinet.com
2 intentstream.contanuity.com www.fortinet.com
2 ibc-flow.techtarget.com www.fortinet.com
2 abm-tracking.demandscience.com www.fortinet.com
2 a.omappapi.com www.fortinet.com
js-agent.newrelic.com
2 v.eps.6sc.co www.fortinet.com
2 tracking.crazyegg.com script.crazyegg.com
2 eps.6sc.co www.fortinet.com
2 epsilon.6sense.com www.fortinet.com
2 tr.outbrain.com www.fortinet.com
2 amplify.outbrain.com www.fortinet.com
1 insight.adsrvr.org 1 redirects
1 px.steelhousemedia.com
1 gs.mountain.com www.fortinet.com
1 webtracker.argusplatform.com www.fortinet.com
1 6033413.global.siteimproveanalytics.io
1 tracking.contanuity.com www.fortinet.com
1 siteimproveanalytics.com www.fortinet.com
1 px4.ads.linkedin.com
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com
1 sync.bfmio.com
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.1rx.io
1 tags.inzynk.io www.fortinet.com
1 static.ads-twitter.com www.fortinet.com
1 dx.mountain.com www.fortinet.com
1 i.simpli.fi www.fortinet.com
1 pixels.argusplatform.com www.fortinet.com
1 cdn.jsdelivr.net www.fortinet.com
1 pixel.mathtag.com www.fortinet.com
1 tmp.argusplatform.com www.fortinet.com
1 trk.techtarget.com www.fortinet.com
1 client-registry.mutinycdn.com www.fortinet.com
1 api.omappapi.com www.fortinet.com
1 metrics.fortinet.com www.fortinet.com
1 a.opmnstr.com www.fortinet.com
1 www.google-analytics.com www.fortinet.com
1 ad.doubleclick.net www.fortinet.com
1 wave.outbrain.com www.fortinet.com
1 ipv6.6sc.co www.fortinet.com
1 c.6sc.co www.fortinet.com
1 tag.simpli.fi www.fortinet.com
1 j.6sc.co www.fortinet.com
1 fortinet.tt.omtrdc.net www.fortinet.com
1 cm.everesttech.net 1 redirects
1 fortinet.demdex.net www.fortinet.com
1 geolocation.onetrust.com www.fortinet.com
0 stags.bluekai.com Failed
267 98
Subject Issuer Validity Valid
*.fortinet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-16 -
2025-07-15
a year crt.sh
cookielaw.org
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
geolocation.onetrust.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-09 -
2025-08-09
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-25 -
2025-10-26
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2025-03-28
a year crt.sh
cdn.schemaapp.com
Amazon RSA 2048 M03
2024-11-27 -
2025-12-25
a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08
2024-12-15 -
2025-06-13
6 months crt.sh
*.google-analytics.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.schemaapp.com
Amazon RSA 2048 M02
2024-08-20 -
2025-09-17
a year crt.sh
script.crazyegg.com
E5
2024-11-27 -
2025-02-25
3 months crt.sh
6sc.co
R11
2024-12-20 -
2025-03-20
3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2024-12-09 -
2025-12-09
a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-11-13 -
2025-12-14
a year crt.sh
*.google.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.doubleclick.net
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
epsilon.6sense.com
Amazon RSA 2048 M02
2024-10-02 -
2025-11-01
a year crt.sh
*.g.doubleclick.net
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.google.ca
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
eps.6sc.co
Amazon RSA 2048 M03
2024-08-27 -
2025-09-25
a year crt.sh
a.opmnstr.com
R10
2024-12-19 -
2025-03-19
3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02
2024-06-30 -
2025-07-30
a year crt.sh
metrics.fortinet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-27 -
2026-01-27
a year crt.sh
v.eps.6sc.co
Amazon RSA 2048 M03
2024-09-06 -
2025-10-05
a year crt.sh
a.omappapi.com
R10
2024-12-19 -
2025-03-19
3 months crt.sh
omappapi.com
WE1
2024-12-11 -
2025-03-11
3 months crt.sh
client-registry.mutinycdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q4
2025-01-07 -
2026-02-08
a year crt.sh
trk.techtarget.com
WE1
2025-01-16 -
2025-04-16
3 months crt.sh
abm-tracking.demandscience.com
R11
2024-12-12 -
2025-03-12
3 months crt.sh
tmp.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-09-09 -
2025-03-09
6 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-23 -
2025-04-30
a year crt.sh
ibc-flow.techtarget.com
WR3
2024-12-20 -
2025-03-20
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
intentstream.contanuity.com
E5
2024-12-15 -
2025-03-15
3 months crt.sh
pixels.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-09-08 -
2025-03-08
6 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2
2024-05-23 -
2025-06-24
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03
2024-08-09 -
2025-09-06
a year crt.sh
*.inzynk.io
Amazon RSA 2048 M02
2024-12-07 -
2026-01-05
a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-12 -
2025-08-12
a year crt.sh
t.co
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-07 -
2025-10-06
a year crt.sh
52.22.50.55
Sectigo RSA Domain Validation Secure Server CA
2024-01-26 -
2025-02-14
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-10-25 -
2025-01-23
3 months crt.sh
siteimproveanalytics.com
WE1
2024-12-15 -
2025-03-15
3 months crt.sh
tracking.contanuity.com
R11
2025-01-10 -
2025-04-10
3 months crt.sh
*.global.r1.siteimproveanalytics.io
Amazon RSA 2048 M02
2024-09-02 -
2025-10-01
a year crt.sh
webtracker.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-09-09 -
2025-03-09
6 months crt.sh

This page contains 9 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Frame ID: F7466F8701AC89AEB1FA54009188655E
Requests: 248 HTTP requests in this frame

Frame: https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: C9A840CAD8CC8B0165300ADD971BA88E
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0117/0786/site/www.fortinet.com.json?t=1
Frame ID: 9B1B318199855B0904D506C58A08FD6C
Requests: 3 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10050195;npa=0;auiddc=451555313.1737029189;ps=1;pcor=1306215056;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51d0v9185241837za200zb893708426;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102123607~102198178;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Frame ID: 8013FF192CDDB7EEBAD6E728C18D10DC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/609297413?random=1737029189393&cv=11&fst=1737029189393&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&hn=www.googleadservices.com&frm=0&tiba=Burning%20Zero%20Days%3A%20Suspected%20Nation-State%20Adversary%20Targets%20Ivanti%20CSA%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=451555313.1737029189&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: E9201530616BE48328F00C0D372C9B6C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/662878185?random=1737029189485&cv=11&fst=1737029189485&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51d0v887005625za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&hn=www.googleadservices.com&frm=0&tiba=Burning%20Zero%20Days%3A%20Suspected%20Nation-State%20Adversary%20Targets%20Ivanti%20CSA%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=451555313.1737029189&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: B5C867C9CCBFF3241BF24463959B6108
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/51f0/sw_iframe.html?origin=https%3A%2F%2Fwww.fortinet.com
Frame ID: 188345073444D1F9DEDF80B09C946D8F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/729495989?random=1737029189630&cv=11&fst=1737029189630&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa&hn=www.googleadservices.com&frm=0&tiba=Burning%20Zero%20Days%3A%20Suspected%20Nation-State%20Adversary%20Targets%20Ivanti%20CSA%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=451555313.1737029189&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 10DD0F0443A70AB554A10491CF469126
Requests: 1 HTTP requests in this frame

Frame: https://10104846.fls.doubleclick.net/activityi;dc_pre=CLT9nv-Z-ooDFXMciAkdAwU0DQ;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Frame ID: 3A1350B21A185EF094F586172EAA73C0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA | FortiGuard Labs

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

267
Requests

88 %
HTTPS

27 %
IPv6

68
Domains

98
Subdomains

82
IPs

2
Countries

6655 kB
Transfer

10821 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://cm.everesttech.net/cm/dd?d_uuid=38844125308485174730110259463038957373 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4j2RQAAALsogANx
Request Chain 191
  • https://secure.adnxs.com/px?id=1773420&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1773420%26t%3D2
Request Chain 192
  • https://ib.adnxs.com/seg?add=36113683 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D36113683
Request Chain 195
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=e61c3fb649&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002170%26dspCookie%3D%24%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=, HTTP 302
  • https://ads.creative-serving.com/ul_cb/cm?redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002170%26dspCookie%3D%24%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=, HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1002170&dspCookie=7a21adec-616b-43ab-960a-129e0e368ff3&gdpr=0&gdpr_consent=,&gdpr=0&gdpr_consent=, HTTP 302
  • https://capi.connatix.com/us/pixel?puid=e61c3fb649&pId=48&gdpr=0&gdpr_consent=,,,&us_privacy={usPrivacyString} HTTP 302
  • https://capi.connatix.com/us/pixel?puid=e61c3fb649&pId=48&gdpr=0&gdpr_consent=,,,&us_privacy={usPrivacyString}&final=true
Request Chain 196
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 197
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=CE41FD33B1D74837B3F673261D0BC2E0&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CE41FD33B1D74837B3F673261D0BC2E0&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 198
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 199
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 200
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1737029191241&ip=167.114.209.103&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212640605129008741955 HTTP 302
  • https://um.simpli.fi/aa_px?sk=212640605129008741955 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 201
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CE41FD33B1D74837B3F673261D0BC2E0&ckls=true&ci=YRVNGagZzE&nc=false&trid=123090079
Request Chain 202
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 203
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 204
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=CE41FD33B1D74837B3F673261D0BC2E0;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=CE41FD33B1D74837B3F673261D0BC2E0;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
Request Chain 205
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=CE41FD33B1D74837B3F673261D0BC2E0&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=CE41FD33B1D74837B3F673261D0BC2E0&j=0&xl8blockcheck=1
Request Chain 206
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 207
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 208
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 209
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 210
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=CE41FD33B1D74837B3F673261D0BC2E0&dnr=1
Request Chain 211
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogQ0U0MUZEMzNCMUQ3NDgzN0IzRjY3MzI2MUQwQkMyRTAQABoNCMfso7wGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0b32fcdfa5304118da463e54762788cd1765630c00915594d66ff4745191c76a791426b5417dce21&_=2
Request Chain 212
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1737029190838&cv=7&fst=1737029190838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=92059228&cv=7&fst=1737029190838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOzMsQI&pscrd=IhMIxbmZ_5n6igMV6UtHAR24kSCjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=92059228&cv=7&fst=1737029190838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOzMsQI&pscrd=IhMIxbmZ_5n6igMV6UtHAR24kSCjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v&is_vtc=1&cid=CAQSKQCa7L7dVejk2MR2wA6cVncP_XOUmrnRyWSst-ZLQBXysRb45vmcOrvk&random=1595367290 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/1026675585/?random=92059228&cv=7&fst=1737029190838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOzMsQI&pscrd=IhMIxbmZ_5n6igMV6UtHAR24kSCjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v&is_vtc=1&cid=CAQSKQCa7L7dVejk2MR2wA6cVncP_XOUmrnRyWSst-ZLQBXysRb45vmcOrvk&random=1595367290&ipr=y
Request Chain 214
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 215
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CE41FD33B1D74837B3F673261D0BC2E0&expires=365
Request Chain 216
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CE41FD33B1D74837B3F673261D0BC2E0
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEGD7fltHYdZrOy9Qpfghkzc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CE41FD33B1D74837B3F673261D0BC2E0 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 228
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1737029191063&li_adsId=f09342b2-cebb-4133-b61b-8370906c7984&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa%23new_tab HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1737029191063&li_adsId=f09342b2-cebb-4133-b61b-8370906c7984&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fburning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa%23new_tab&e_ipv6=AQK_-O_sfwXq1gAAAZRvAga4ZUGnbZvWWOSv8AhVIp7M3U532txxdn1xFC9Mxl--5of6Cy0wlw
Request Chain 231
  • https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa HTTP 302
  • https://10104846.fls.doubleclick.net/activityi;dc_pre=CLT9nv-Z-ooDFXMciAkdAwU0DQ;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Request Chain 251
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=58d0314c08f435da2e1fccee497d419a_1737029191000 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=58d0314c08f435da2e1fccee497d419a_1737029191000&_bee_ppp=1 HTTP 303
  • https://tracking.contanuity.com/usersync?bwcookie=AAelnU7PEe0AABbj5Iidbw
Request Chain 259
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=53f6a20e-d402-11ef-a10b-5d59a7d5a00f&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=53f6a20e-d402-11ef-a10b-5d59a7d5a00f&gdpr=&gdpr_consent= HTTP 302
  • https://px.steelhousemedia.com/tdsync?tdid=b605f4fb-0244-42ea-a8af-dbcf7072090d&shguid=53f6a20e-d402-11ef-a10b-5d59a7d5a00f
Request Chain 260
  • https://insight.adsrvr.org/track/evnt/?adv=6s0zaeu&ct=0:0bi0elf&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=bc625d12-c4ce-4656-baec-2394036ee882&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=b605f4fb-0244-42ea-a8af-dbcf7072090d

267 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
www.fortinet.com/blog/threat-research/
195 KB
60 KB
Document
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
57ae4055df87a2ec866a7301d1b8ec113638bf389a0d14a400fdc249ab25ddde
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
27613
Cache-Control
max-age=600, public, s-maxage=10800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
59887
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Content-Type
text/html;charset=utf-8
Date
Thu, 16 Jan 2025 12:06:26 GMT
ETag
W/"30a94-62bcb31ad69a5-gzip"
Last-Modified
Thu, 16 Jan 2025 04:26:12 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8ByeXhMg07tZSXmIBF_1giQIQV0IYxaHpGJsI5DOV0Dxq5_kRKWQzg==
X-Amz-Cf-Pop
IAD61-P4
X-Cache
Miss from cloudfront
X-Content-Type-Options
nosniff
X-Dispatcher
dispatcher1uswest1-28559594
X-Frame-Options
SAMEORIGIN
X-Vhost
publish
X-XSS-Protection
1; mode=block
visitorapi.min.js
www.fortinet.com/etc/designs/fortinet/adb-target/
64 KB
30 KB
Script
General
Full URL
https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"fe2d-6117284c96900-gzip"
Age
296503
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
uO9S6u_styqCJ-dXIcKMg-rxlU0kxoS6WLaoc87leEYc2X5Fak_SLw==
Date
Mon, 13 Jan 2025 01:44:44 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 15 Feb 2024 21:43:32 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
29532
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
at.js
www.fortinet.com/etc/designs/fortinet/adb-target/
104 KB
48 KB
Script
General
Full URL
https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"19e83-61431fc4b24c0-gzip"
Age
251042
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
eGHwbmizBw_Jim2AdYQnvcPAm60eqXMjPEY0Yv6ozm_SQi7D9Z6o9A==
Date
Mon, 13 Jan 2025 14:22:25 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 21 Mar 2024 20:59:39 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
47782
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
clientlib-base.min.a481c5d02b08d2f84740bf718a81da12.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/
545 KB
29 KB
Stylesheet
General
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.a481c5d02b08d2f84740bf718a81da12.css
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
8681c18a1ee29b198c595cc1cf0be037366b8b23f57da21d9180392a6866e2cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"88467-62b4d00abd000-gzip"
Age
569132
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
tQA4o6i-uXtzXrNLQ9kzzINGG4E473h9a_Eqplb0hz03sbjcGs2utA==
Date
Thu, 09 Jan 2025 22:00:55 GMT
Content-Type
text/css;charset=utf-8
Last-Modified
Thu, 09 Jan 2025 21:53:04 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
28353
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
TR3+yr7DZCz8Fh2PJMSBjQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD35EB4B5031DB
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
8524
x-content-type-options
nosniff
date
Thu, 16 Jan 2025 12:06:27 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 05:04:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f20e7a0d-c01e-0033-7edd-67caa7000000
cf-ray
902dfac57c87a2fc-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/
32 KB
3 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"7ebb-565d53a1d6e40-gzip"
Age
44233506
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
l6Uf7OnUDh5dfVpLj_oxXDyaxwWMmLEznI27NrkUNHQyW-w7rf-gUQ==
Date
Thu, 16 Jan 2025 12:01:46 GMT
Content-Type
image/svg+xml
Content-Disposition
attachment; filename="fortinet-logo-white.svg"
Vary
Accept-Encoding
Last-Modified
Thu, 22 Feb 2018 23:16:01 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
1998
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
toc-icon.jpg
www.fortinet.com/content/dam/fortinet/images/
1 KB
3 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet/images/toc-icon.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"4fd-60a2031eb4f40"
Age
37045923
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
ro7vPw8Pbv8CUpSOvLrs7LBoZ0ynVXj71gOWvfZhkrjf5H5neCs-ng==
Date
Thu, 16 Jan 2025 12:06:27 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 14 Nov 2023 17:34:13 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
1277
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/
160 KB
74 KB
Script
General
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"28100-61cff12ce1d80-gzip"
Age
6611364
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
5BdX6qSArY74nRmBqK3yZPQecf_GSpO3aDhdtsJ1fQKkjOuKTbFDQg==
Date
Thu, 16 Jan 2025 12:01:46 GMT
Content-Type
application/javascript;charset=utf-8
Vary
Accept-Encoding
Last-Modified
Thu, 11 Jul 2024 21:01:58 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
74768
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
f85f39fc-d7aa-467a-b762-fbb722748016.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/f85f39fc-d7aa-467a-b762-fbb722748016.json
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21994b28ae9425b76c8a8dec4ad36df0a0f603c9a53db34dc74e59cf9a0639b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
zdgH+rK6XGzrBwTKi8eOeA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD1BA4717C9D65
age
56508
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 17 Jan 2025 12:06:27 GMT
date
Thu, 16 Jan 2025 12:06:27 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 18:32:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
acb53048-701e-0021-698d-4dfebb000000
cf-ray
902dfac63f9da275-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1821
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
ivanti-hero.jpg
www.fortinet.com/content/dam/fortinet-blog/article-heros/
220 KB
222 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-heros/ivanti-hero.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
18041a7dd2be9d4ba5469edca86d5bd763e3bdcae7a83c5559c618bf4be83f0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"3715e-6242cd5d60d40"
Age
8360964
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
FcVEpVrh3AggK7Pv24cqX29Ek5HlV1xy8s_rwckRF_ZSypwRxI3NdA==
Date
Thu, 16 Jan 2025 12:06:27 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 05:34:05 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
225630
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
siemens-vuln-discovery-center-thumb.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/
146 KB
147 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-images/siemens-vuln-discovery-center-thumb.jpg.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
b3f4fd3661f04c2c6374215073e85cb8c5c938ee783677f40e85151989c39d97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"24631-5e417b82eaa40"
Age
44230454
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
W-bpooronNyu2pwoDCseBTPDtjAwUvvZIA_pZv5JsS6Txs3AKw_oWA==
Date
Thu, 16 Jan 2025 12:06:27 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Jul 2022 17:30:09 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
149041
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
ransomware-roundup-thumb.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/
142 KB
144 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-images/ransomware-roundup-thumb.jpg.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
727d19bf895438013bb188825e546dd6e61f80c2a4ea8e7b6e978b96bab546f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"23995-5e41c8188d9c0"
Age
44232393
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
4S3aHWIypAwDN7ivkRxsfSgmHN3SAiqJ-WC91U9gqDpChbmkwcZz3g==
Date
Thu, 16 Jan 2025 12:06:27 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Jul 2022 23:12:47 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
145813
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
MOVEIT-THUMB.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/
124 KB
126 KB
Image
General
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-images/MOVEIT-THUMB.jpg.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
443f47f0ae01cec5b4bc117dffb451485e147a54865efa7c820320e68cb55909
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"1f0d8-5fd8fff10e040"
Age
44232442
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
z5Hwe23fy0okKcQnKcVcS6q4Wt3FjccNZoobB2VekYhSpk_c3yATIw==
Date
Thu, 16 Jan 2025 12:06:27 GMT
Content-Type
image/png
Last-Modified
Wed, 07 Jun 2023 20:29:45 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
127192
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
www.fortinet.com/etc/designs/fortinet/gfonts/
37 KB
38 KB
Font
General
Full URL
https://www.fortinet.com/etc/designs/fortinet/gfonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.a481c5d02b08d2f84740bf718a81da12.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.fortinet.com
Referer
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.a481c5d02b08d2f84740bf718a81da12.css

Response headers

X-Vhost
publish
ETag
"9354-5df4fa74ff980"
Age
794097
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
tDqD9b_IA5u6nbO2o0L1Zo1RFgTTWLHeKN2gg5iWcUj4Amtz_255Dg==
Date
Tue, 07 Jan 2025 07:31:30 GMT
Content-Type
application/octet-stream
Last-Modified
Wed, 18 May 2022 21:08:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=2000000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
37716
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
902dfac948e6a2ff-YUL
access-control-allow-origin
*
date
Thu, 16 Jan 2025 12:06:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
ivanti-web-request-client-index.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1728620161388/
46 KB
47 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1728620161388/ivanti-web-request-client-index.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
26b37b2982358112ad578340484a7de6274a19db3fb6ea13f0b4e2d89e35f566
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"b76f-6242bbea5e240"
Age
8068564
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
IMBL0vjqD8qCqJfJnLfDNFEdud0Eau_sSWQ4Etvwmstc_Xqpu1C1Qg==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:16:01 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
46959
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig01-ivanti-gui-dl-landesk.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1172236801.img.jpeg/1728620210875/
93 KB
94 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1172236801.img.jpeg/1728620210875/fig01-ivanti-gui-dl-landesk.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
1d3e1ffd86a5653412775034689e08d77352a1a255038f3cf953b76318ac946a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"1733a-6242bc1919080"
Age
8068520
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
aEwhGwEJ1EAb_MsH1e9tc5Jem274i8Fvq6RQ6PLboj1C23B4HrkX8Q==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:16:50 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
95034
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig02-ivanti-redirection-download.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2006588417.img.jpeg/1728620263874/
15 KB
16 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2006588417.img.jpeg/1728620263874/fig02-ivanti-redirection-download.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
933ddaeb7b389ab0803e3e7a1124cd51dcd097514e5e1cff4d4cef50b219779e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"3bfd-6242bc4ba47c0"
Age
8068516
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
aKP8wvkqfYn5y8vtYse4P6ieFbU3q15penVUWjDn1ouFmEwXc_xjPQ==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:17:43 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 37b24eb2de6c1739f649810b6a7d81f8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
15357
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig03-ivanti-redirection-ondemand.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_184115790.img.jpeg/1728620317634/
8 KB
9 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_184115790.img.jpeg/1728620317634/fig03-ivanti-redirection-ondemand.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
17095b0dfaded492b73f4f6a30412ecb2f7a87a2ebd1f8963d5c5cee3db937bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"2011-6242bc7f24140"
Age
8068564
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
kgaTT1V4Pucmz1fDkWLsDQFVJoKZusZxybGxnfMNsU0GWbzAYFs7bQ==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:18:37 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
8209
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig04-ivanti-code-vulnerable.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_853574561.img.jpeg/1728620365076/
44 KB
46 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_853574561.img.jpeg/1728620365076/fig04-ivanti-code-vulnerable.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
80979b936a389e029f1d96f9b57e39257416add377d59a14c91708c48cc60ae2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"b104-6242bcacead40"
Age
8068563
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
Hy8B7CSsYERef8IA1chJaLNQbYkisNrf6qbJsCxqkzwWf-P8Gvxu4A==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:19:25 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
45316
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
ivanti-client-index-gsb-users.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_870303825.img.jpeg/1728620426185/
17 KB
18 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_870303825.img.jpeg/1728620426185/ivanti-client-index-gsb-users.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
f53109bc9c1f5eba5a8e47a82b8a8e12de6fdd2c81f0a5320d5cd457708a5324
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"43b0-6242bce717680"
Age
8068347
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
mCdr-54yxZf2TApnLRYswvs8j74CTgH2COP9jHZzz8HXd_ErR26u3w==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:20:26 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
17328
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig05-ivanti-path-traversal.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1543583598.img.jpeg/1728620510929/
59 KB
60 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1543583598.img.jpeg/1728620510929/fig05-ivanti-path-traversal.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
cbe67b5b6fa27d2f9d4f18dba4f940ce8c4a3dbcab1541b5b1023ce4dcea66e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"ebd4-6242bd3733380"
Age
8068563
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
xen70xfzet47dqECcvXQxl_tJY4VYpXvBmgvdcQI8DtMsAqzR1t4mA==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:21:50 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
60372
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig06-ivanti-path-traversal-vulnerability.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1413617697.img.jpeg/1728620553579/
126 KB
127 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1413617697.img.jpeg/1728620553579/fig06-ivanti-path-traversal-vulnerability.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
a364f8998ea88f243a482109d256626e8d7cb72a05eac69ac608c27435241a65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"1f626-6242bd6035440"
Age
8068519
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
IfWvyfZ7OJrtSP9x8SEY2QERMfw_ZZkadNEAFXfNnzpa89nqkLDkRA==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:22:33 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
128550
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
ivanti-csa-management-console.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2028077941.img.jpeg/1728620592057/
31 KB
32 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_2028077941.img.jpeg/1728620592057/ivanti-csa-management-console.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
d4edec0e6d150110e180ad38f47e5eab79358d5df97f12e15c73a4b538863451
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"7ada-6242bd8566c00"
Age
8068519
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
ZKuyWYn0-z4KJSjz2cfgmptkcVTQ9LCpR4dRXg6DxVV8FWewQcY3KA==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:23:12 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 37b24eb2de6c1739f649810b6a7d81f8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
31450
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig07-ivanti-sqli-vulnerabilty-exploitation.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_288801384.img.jpeg/1728620655617/
173 KB
174 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_288801384.img.jpeg/1728620655617/fig07-ivanti-sqli-vulnerabilty-exploitation.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
ad15ab06d640d365a00d41e146660addb01348b2f6878f6ffdc1dc428c67cc19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"2b2af-6242bdc17b9c0"
Age
8068562
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
UbYslrB_LVanmVICA-D_AfkHtaC6-9-V4dB52AzgBtwh0w_UiJZSiw==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:24:15 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
176815
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig08-ivanti-setting-timezone-value.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_512758081.img.jpeg/1728620707132/
25 KB
26 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_512758081.img.jpeg/1728620707132/fig08-ivanti-setting-timezone-value.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
0e6e31465592638aaa036384d85ebd6e6c56b9178591bceea4a0b815dd06d535
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"6205-6242bdf312ec0"
Age
8068516
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
2g4fINcg3kz6xS8MV0eRre0ZKGSC7wUHm_Oim4YB-ik1QGvboAc2yw==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:25:07 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
25093
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig09-ivanti-vulnerabie-function.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_156964748.img.jpeg/1728620764864/
29 KB
31 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_156964748.img.jpeg/1728620764864/fig09-ivanti-vulnerabie-function.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
7c37b5d2c568700acb5aa4d6fc9ece9bc0df8882dc473d944a854ade711a696c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"758d-6242be296ef00"
Age
8068516
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
GVnLZ6ezTq64yibuVzh8KFzDxuHDfPWDS9e4SxewTQQMBLRZrtjfCg==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:26:04 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
30093
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig10-ivanti-time-zone-change.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_546641334.img.jpeg/1728620805020/
58 KB
59 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_546641334.img.jpeg/1728620805020/fig10-ivanti-time-zone-change.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
ec5a240780ab83205367dfb9274a408269d2a10d837164fe39eebabd757d9e7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"e618-6242be5088b40"
Age
8068519
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
m2ruMNp3iKq8rnm4hfwXMC5kgO_CdSSbY33eTY2kHizLYnslPXiFRw==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:26:45 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 88a7e866306713399fc5cc17ac5a2e0a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
58904
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig11-ivanti-post-variable-timezone.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_879745814.img.jpeg/1728620849864/
87 KB
89 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_879745814.img.jpeg/1728620849864/fig11-ivanti-post-variable-timezone.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
f21e3a5a80821feb91e7bb84d525742fd137c4b336f3ff3f1bb15dc2fcae9d70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"15d27-6242be7a7ee40"
Age
8068562
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
wqkAjLcFwOiku2l8E8WV-b-SF452yPIn6lzloy4MuCxm5j7PuJLVMA==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:27:29 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
89383
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig12-ivanti-decoded-base64.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1686730515.img.jpeg/1728620888293/
112 KB
114 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_1686730515.img.jpeg/1728620888293/fig12-ivanti-decoded-base64.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
8af6fb23ba1c0a4860476b240ba2d05c02ff018f1a93d2caadf7301ed87223d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

Response headers

X-Vhost
publish
ETag
"1c1e7-6242be9fb0600"
Age
8068516
X-Content-Type-Options
nosniff
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
SOBCr39t-nWscZ1QY_XbAQysd4fVVrMqpmUzLo5FvaKfOVt6gGqFHQ==
Date
Thu, 16 Jan 2025 12:06:28 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 11 Oct 2024 04:28:08 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
115175
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig13-ivanti-broker-conf.jpeg
www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_658029349.img.jpeg/1728620938935/
31 KB
32 KB
Image
General
Full URL
https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa/_jcr_content/root/responsivegrid/table_content/par/image_658029349.img.jpeg/1728620938935/fig13-ivanti-broker-conf.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1702:852f:d87f:6683:b05a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
0968bbb30f1aef951bb770793756fca4fd75cce26bce318ace9c6e31deddf7f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block