On Wed, Jan 7, 2015 at 11:25 AM, Aleksejs Popovs <popoffka@gmail.com> wrote:
Also interesting is the HTTPS cert they're using, which you can find
in the log. It is issued by Fortinet, an American company that's
apparently known for this sort of thing, and the issuer's CN
(FGT1KC3913801932) looks like a serial number.
Are we sure that the Fortinet cert has originated from a network intermediary? Interestingly, the HTTP header of "Server: BigIP" is associated with Fortinet as well (I see the HTTP header but not the SSL cert).