For a few days, Fortiguard sends me this alert:
The packets come from the visitor wifi network and they are sent to google.com.
I sent a message to Fortinet support and waiting for the answer.
I assume it can be a false positive but the attack context in alert look like:
(not the real string but it contains some “AAAAA” and some base64 string).
How can I investigate further?