URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Submission: On November 20 via api from IN — Scanned from DE

Summary

This website contacted 20 IPs in 2 countries across 21 domains to perform 46 HTTP transactions. The main IP is 2a04:4e42:600::775, located in United States and belongs to FASTLY, US. The main domain is labs.watchtowr.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 19th 2024. Valid for: 3 months.
This is the only time labs.watchtowr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
46 20
Apex Domain
Subdomains
Transfer
15 watchtowr.com
labs.watchtowr.com
524 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
10 KB
2 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5268
948 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com Failed
1 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4811
forms.hscollectedforms.net — Cisco Umbrella Rank: 4960
25 KB
2 spacergif.org
img.spacergif.org — Cisco Umbrella Rank: 123876
2 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3690
799 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3341
3 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5194
26 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
26 KB
1 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 11366
scout.salesloft.com Failed
3 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
14 KB
1 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 15595
tr-rc.lfeeder.com Failed
12 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680
1018 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
103 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
83 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
0 hotjar.com Failed
static.hotjar.com Failed
0 factors.ai Failed
app.factors.ai Failed
46 21
Domain Requested by
15 labs.watchtowr.com labs.watchtowr.com
5 cdnjs.cloudflare.com labs.watchtowr.com
cdnjs.cloudflare.com
2 api.hubspot.com js.usemessages.com
2 px.ads.linkedin.com snap.licdn.com
2 img.spacergif.org labs.watchtowr.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 region1.google-analytics.com www.googletagmanager.com
1 js.hs-analytics.net js-na1.hs-scripts.com
1 js.hsadspixel.net js-na1.hs-scripts.com
1 js.usemessages.com js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 scout-cdn.salesloft.com labs.watchtowr.com
1 snap.licdn.com labs.watchtowr.com
1 sc.lfeeder.com labs.watchtowr.com
1 js-na1.hs-scripts.com labs.watchtowr.com
1 www.googletagmanager.com labs.watchtowr.com
1 cdn.jsdelivr.net labs.watchtowr.com
1 fonts.googleapis.com labs.watchtowr.com
0 tr-rc.lfeeder.com Failed labs.watchtowr.com
0 px4.ads.linkedin.com Failed labs.watchtowr.com
0 scout.salesloft.com Failed scout-cdn.salesloft.com
0 static.hotjar.com Failed labs.watchtowr.com
0 app.factors.ai Failed labs.watchtowr.com
46 25
Subject Issuer Validity Valid
labs.watchtowr.com
ZeroSSL RSA Domain Secure Site CA
2024-11-19 -
2025-02-17
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
hs-scripts.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
spacergif.org
WE1
2024-10-18 -
2025-01-16
3 months crt.sh
*.lfeeder.com
Amazon RSA 2048 M02
2024-02-20 -
2025-03-20
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA
2024-03-20 -
2025-04-19
a year crt.sh
hscollectedforms.net
WE1
2024-09-22 -
2024-12-21
3 months crt.sh
hs-banner.com
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
usemessages.com
WE1
2024-10-06 -
2025-01-04
3 months crt.sh
hsadspixel.net
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
hs-analytics.net
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
hubspot.com
WE1
2024-10-03 -
2025-01-01
3 months crt.sh
hubapi.com
WE1
2024-11-07 -
2025-02-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Frame ID: E578C23B1724AA32BE98E19ECDE94F4F
Requests: 45 HTTP requests in this frame

Page Title

Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

89 %
HTTPS

100 %
IPv6

21
Domains

25
Subdomains

20
IPs

2
Countries

862 kB
Transfer

1960 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F&e_ipv6=AQLcbb1MXb9GOAAAAZNJU2Xov87CWMp53fbZ50_8oq5nehqLYMJkpv0X-okWUt5WdATb-3oAF993LVOD67FTmFKv51NLeQ

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
64 KB
20 KB
Document
General
Full URL
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a842fe1a91bf43a7157f8316283479c2bea0a4a6a781a7c5880c6fe99be9a21d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15079
alt-svc
clear
cache-control
public, max-age=0
content-encoding
gzip
content-length
20418
content-type
text/html; charset=utf-8
date
Wed, 20 Nov 2024 11:27:02 GMT
etag
W/"fe44-nl6mYs7i8qjCqHe9se2/oih4Cjc"
ghost-fastly
true
server
openresty
status
200 OK
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 7, 0
x-request-id
bb305a02-4a49-47ce-aff3-cc3e38e53d89
x-served-by
cache-ams2100144-AMS, cache-ams2100144-AMS, cache-fra-etou8220142-FRA
x-timer
S1732102022.184041,VS0,VE2
css2
fonts.googleapis.com/
39 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&family=Inter:wght@400;500;600;700;800&display=swap
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b9ee54747beb19126d4829f3bfc45823f5871c145a96256ee14d0000d35bd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 11:27:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 11:27:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
screen.css
labs.watchtowr.com/assets/built/
32 KB
7 KB
Stylesheet
General
Full URL
https://labs.watchtowr.com/assets/built/screen.css?v=b311271e80
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
c04c22ec20671d45136ecbb2c6c1729daecf3a089378842a926769966202c863

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
e850bcb0-afae-4c1c-9748-08888df0128e
content-encoding
gzip
etag
W/"7f54-190396a44ad"
age
15133
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
x-cache-hits
0, 172, 3
last-modified
Fri, 21 Jun 2024 06:09:44 GMT
x-served-by
cache-ams21072-AMS, cache-ams21072-AMS, cache-fra-etou8220142-FRA
cache-control
public, max-age=31536000
x-timer
S1732102022.215222,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6986
server
openresty
sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/
263 KB
83 KB
Script
General
Full URL
https://cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/sodo-search.min.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5457a83229acb39e1625c8e08964a52c5fbd5e604182ca19416cabc2ebb41169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"41bb3-TlcqTJJfU4QXEfOqOvmN0FRqtPI"
age
9230
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220112-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
84199
x-jsd-version
1.5.1
cards.min.js
labs.watchtowr.com/public/
6 KB
2 KB
Script
General
Full URL
https://labs.watchtowr.com/public/cards.min.js?v=b311271e80
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
7b257e1e81be5f3928d1fa0dc765a5d77eb818b61d72f940ee947dc955bbbb0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
4c03ef94-5523-4bfc-948c-be5bf3c14426
content-encoding
gzip
etag
W/"143954965104cf254bf1a498449c6855"
age
15133
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, MISS, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript
x-served-by
cache-ams21040-AMS, cache-ams21040-AMS, cache-fra-etou8220142-FRA
x-cache-hits
0, 0, 3
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-timer
S1732102022.308679,VS0,VE0
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1490
server
openresty
cards.min.css
labs.watchtowr.com/public/
37 KB
6 KB
Stylesheet
General
Full URL
https://labs.watchtowr.com/public/cards.min.css?v=b311271e80
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
27c72000333080dee55d65b2323469fa581afe51ee0d5f0653454cc0af078b7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
e528b4d7-ff54-40b9-a524-733e0a5288b2
content-encoding
gzip
etag
W/"78a238818fe197705adc97c6ad901852"
age
15133
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, MISS, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
text/css
x-served-by
cache-ams2100086-AMS, cache-ams2100086-AMS, cache-fra-etou8220142-FRA
x-cache-hits
0, 0, 3
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-timer
S1732102022.215206,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6258
server
openresty
js
www.googletagmanager.com/gtag/
299 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q0QQGYH9DL
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
958df16d3c1cf7eb4b4c7526763c92b6ed4efebef957f7e97d3b5716ec5009ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 11:27:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104690
x-xss-protection
0
server
Google Tag Manager
23785948.js
js-na1.hs-scripts.com/
2 KB
1018 B
Script
General
Full URL
https://js-na1.hs-scripts.com/23785948.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17cc368374511fc957210e575ec4db98c157318858ccaf2b46fee583191dc36e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
3766
x-content-type-options
nosniff
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
df573c7b-76fb-4f6b-a85d-4110edac254d
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Wed, 20 Nov 2024 10:24:16 GMT
access-control-allow-credentials
true
cf-ray
8e5816a7da7b373e-FRA
accept-ranges
bytes
access-control-allow-origin
https://labs.watchtowr.com
content-length
683
server
cloudflare
prism-tomorrow.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/prism-tomorrow.min.css
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"625c25f1-1d8"
age
493813
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDbd8%2BPJvHPjUM62V%2BZf65gZ4G7iHzunjeVXVBFkbFv7BvbRgifrhVktXNWTYPrHbBKFrfNiK%2Fmd01iw%2Bxa%2F35UVKKCZh7b8h5RDDdxcAOfK3a9y7JlgvMpRudsvKEkARexUtOkXgoTMBWJJVdQhkyi1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 11:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 17 Apr 2022 14:36:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5816a70c28d381-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
472
server
cloudflare
watchTowr---Labs-White.svg
labs.watchtowr.com/content/images/2022/04/
3 KB
1 KB
Image
General
Full URL
https://labs.watchtowr.com/content/images/2022/04/watchTowr---Labs-White.svg
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
653dd026068639c920becd532cf32e17cab76ed6de3d821abfc7ba6c49b6ea64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
180f878e-45b6-4120-bfb6-03e4838c6fc3
content-encoding
gzip
etag
W/"c1a-18078df92b7"
age
15130
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/svg+xml
last-modified
Sat, 30 Apr 2022 05:09:19 GMT
x-cache-hits
0, 10, 2
x-served-by
cache-ams21080-AMS, cache-ams21080-AMS, cache-fra-etou8220142-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-timer
S1732102022.215058,VS0,VE0
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1192
server
openresty
fortijump.png
labs.watchtowr.com/content/images/size/w1200/2024/11/
114 KB
114 KB
Image
General
Full URL
https://labs.watchtowr.com/content/images/size/w1200/2024/11/fortijump.png
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
e3e43fe7f67bfe9a402daf2cb7ba05b12831682dbbf771c3e50467e41e641776

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
a7aa8657-149b-4109-8262-5e4d5d1cee2e
etag
W/"1c830-1932b816199"
age
15081
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 16:28:39 GMT
x-cache-hits
0, 11, 0
x-served-by
cache-ams2100123-AMS, cache-ams2100123-AMS, cache-fra-etou8220142-FRA
cache-control
public, max-age=31536000
x-timer
S1732102022.215031,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
116784
server
openresty
spacer.png
img.spacergif.org/v1/1826x1284/0a/
12 KB
1 KB
Image
General
Full URL
https://img.spacergif.org/v1/1826x1284/0a/spacer.png
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64b5cba1907b6af3173c5ed3dd09e1ec8876cb865457ea43d361dd90cf9d2bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
105
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9eONGFxKk2kyROKvhquBkNDEcabUFzhIPIRMe9c6SbxhRxw6HH4dduTJYOrTD2FNSoGHDA0Q%2FA5IkoYKFrTHlkJ6L9QKm4B61HfyXaTGINFP0BIkOquw7SuuH%2BexXa45a2MbwIANn0mPZ7xv8Ry2og%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32878&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4715&delivery_rate=90212&cwnd=12000&unsent_bytes=0&cid=ca6b361db2b15393&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 11:06:23 GMT
priority
u=2,i
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5816a75b9dd712-CDG
accept-ranges
bytes
content-length
360
server
cloudflare
spacer.png
img.spacergif.org/v1/1924x1284/0a/
12 KB
976 B
Image
General
Full URL
https://img.spacergif.org/v1/1924x1284/0a/spacer.png
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9453fc38bb315b36f9a23fcc429dd620fc93fe459204c901fb4f254b312f97b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
105
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNpEGH2lSndIpjTkS%2BCZ4gBiZkAepj4pbe%2FRzlOFu74II18TK4c63CeAiuEURm8A7ePED9hOnYkVejoXXWvnnR256Od6TosYMwutwTF11pOTxVEX2dn9kXCu3xA5UyOJVtjHVeUKy32wQwgboME2ng%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32878&sent=12&recv=8&lost=0&retrans=0&sent_bytes=5241&recv_bytes=4715&delivery_rate=90212&cwnd=12000&unsent_bytes=0&cid=ca6b361db2b15393&ts=56&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 11:06:23 GMT
priority
u=2,i
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5816a75b9bd712-CDG
accept-ranges
bytes
content-length
335
server
cloudflare
logo-white.svg
labs.watchtowr.com/assets/images/
630 B
582 B
Image
General
Full URL
https://labs.watchtowr.com/assets/images/logo-white.svg
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ceaf8255e1258fa5e1e32c9dee6c940e0562695951c628f7415b9a93eb085e95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
def357c8-18c0-458b-a03e-9ae12c66ef57
content-encoding
gzip
etag
W/"276-190396a44ef"
age
15129
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-cache-hits
0, 10, 2
last-modified
Fri, 21 Jun 2024 06:09:44 GMT
x-served-by
cache-ams21064-AMS, cache-ams21064-AMS, cache-fra-etou8220142-FRA
cache-control
public, max-age=31536000
x-timer
S1732102022.308490,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
356
server
openresty
main.min.js
labs.watchtowr.com/assets/built/
44 KB
16 KB
Script
General
Full URL
https://labs.watchtowr.com/assets/built/main.min.js?v=b311271e80
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
1fca19e97c3cbc726acc8d8e5ccb34aa99a0b6153054d724560a53c07a652397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
220ea051-fc74-4de9-aea9-afe10fd927b2
content-encoding
gzip
etag
W/"b10f-190396a44a4"
age
15133
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, MISS, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-cache-hits
0, 0, 3
last-modified
Fri, 21 Jun 2024 06:09:44 GMT
x-served-by
cache-ams21045-AMS, cache-ams21045-AMS, cache-fra-etou8220142-FRA
cache-control
public, max-age=31536000
x-timer
S1732102022.308751,VS0,VE0
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
16307
server
openresty
prism-core.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-core.min.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2624d4f66cc5f171cd460896b106630f7666a1e638b42dd9ddefd0ca7758683
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"625c25f1-aff"
age
1089997
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjebzWbhq8SglwgVOturgXGJP4xHCq78JcgmOMtqj9EF2GcHHwq57tNPFNP16P6TQkt%2Ffel6kwdXI3bwhsKh4QHchth4fK0Gb%2BXRujCCdfN7gNyukKYrF%2BNZrVeLvx7yVcZahMJnc%2BomobR0nfg6B0jo"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 11:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 17 Apr 2022 14:36:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5816a76d37d381-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2815
server
cloudflare
prism-autoloader.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/
6 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74beaf9148829f7d253d337d715ae6407a39510984c0332bc76a69024e088559
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"625c25f1-874"
age
55467
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaQGehEckMVmHAJPuFqtXUxN2aanIc80B1xhcITPPw1RWkQ5tVcZk6d4Hm3Jb6poKcw3SDcI%2FafVERD2n07XIglKlTWooGKbEwqQYQohhShjjy1UuQ1SC7QC%2BycgLj%2FSqnhsFfj5QphfdpuJWP1%2BPM%2FQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 11:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 17 Apr 2022 14:36:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5816a76d40d381-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2164
server
cloudflare
factors.js
app.factors.ai/assets/v1/
0
0

lftracker_v1_3P1w24do6zP7mY5n.js
sc.lfeeder.com/
31 KB
12 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_3P1w24do6zP7mY5n.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6400:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c076c44c2a65588a5171b190d29e39c5542fae2e2fa68550e830d5fb4b8dc65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
br
x-amz-version-id
RQ3UJdvEZQqmBXWqo2sfKb3Y9TdoJpG3
etag
W/"bd10e6330fa5c45a0c70765b74ddc6a5"
age
1922
x-cache
Hit from cloudfront
x-amz-cf-id
8_Me5zTlMYbJYolwOMOW5dz--y0zsec5Yplu4LYY4TvBNzOtEz9Ueg==
date
Wed, 20 Nov 2024 10:57:20 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Wed, 09 Oct 2024 07:33:36 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
hotjar-2950076.js
static.hotjar.com/c/
0
0

insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

cache-control
max-age=83018
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 20 Nov 2024 11:27:02 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sl.js
scout-cdn.salesloft.com/
6 KB
3 KB
Script
General
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
age
4209
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 15:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
iGS/wEfBYQzz9BTHMAlk8qk/iFUfXkSHYVdTLL4b3HT5zIQ6tGHCGugR5WcU5fsSCHafDh9J/w+XXXixyeK0w+MmBvYcc8kdm8I2T38M9pQ=
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
C0N6J0EV3229BZRD
cf-ray
8e5816a7eb4690f2-FRA
access-control-allow-origin
*
server
cloudflare
fortijump-demo_thumb.jpg
labs.watchtowr.com/content/media/2024/11/
43 KB
43 KB
Image
General
Full URL
https://labs.watchtowr.com/content/media/2024/11/fortijump-demo_thumb.jpg
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
1d38f45332416e80f1ff70c24e6f7d8404afb3517b504c55e71d6ebf1ca688ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
5eee786a-b164-4196-a388-1265f8e6a9df
etag
W/"aa49-1932b559004"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/jpeg
x-served-by
cache-ams21038-AMS, cache-fra-etou8220142-FRA
x-cache-hits
7, 0
last-modified
Thu, 14 Nov 2024 15:40:48 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.314711,VS0,VE17
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
43593
fastly-restarts
1
server
openresty
fortijump-higher-demo_thumb.jpg
labs.watchtowr.com/content/media/2024/11/
65 KB
65 KB
Image
General
Full URL
https://labs.watchtowr.com/content/media/2024/11/fortijump-higher-demo_thumb.jpg
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
181817675f46869452bc864416e14679005fa1b711c7601d35541c52d01bb226

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
9695c917-0708-49fc-ae6f-aea13f67b361
etag
W/"10267-1932b4c26cf"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/jpeg
x-served-by
cache-ams21081-AMS, cache-fra-etou8220142-FRA
x-cache-hits
7, 0
last-modified
Thu, 14 Nov 2024 15:30:31 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.314695,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
66151
fastly-restarts
1
server
openresty
ABCFavorit-Light.woff2
labs.watchtowr.com/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://labs.watchtowr.com/assets/fonts/ABCFavorit-Light.woff2
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/assets/built/screen.css?v=b311271e80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
274ba032d9071697b02e08b0833af8b4ed90b453740cdc11528b7e058bdb8f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer
https://labs.watchtowr.com/assets/built/screen.css?v=b311271e80

Response headers

x-request-id
7c2b1193-140b-45a5-a471-ee807d259e8e
etag
W/"9884-190396a44c0"
age
15116
ghost-fastly
true
status
200 OK
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
font/woff2
last-modified
Fri, 21 Jun 2024 06:09:44 GMT
x-cache-hits
0, 8, 2
x-served-by
cache-ams2100140-AMS, cache-ams2100140-AMS, cache-fra-etou8220142-FRA
cache-control
public, max-age=31536000
x-timer
S1732102022.346714,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
39044
server
openresty
fortinet-ohnoi.jpeg
labs.watchtowr.com/content/images/size/w1000/2024/11/
70 KB
71 KB
Image
General
Full URL
https://labs.watchtowr.com/content/images/size/w1000/2024/11/fortinet-ohnoi.jpeg
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
56a11f71513096d141294d946de3af66cb6cb21458d95031e989648f0addf502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
c53fdb76-3d86-4950-b156-4f6335039e09
etag
W/"11911-1932b76a32e"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/jpeg
x-served-by
cache-ams21026-AMS, cache-fra-etou8220142-FRA
x-cache-hits
7, 0
last-modified
Thu, 14 Nov 2024 16:16:55 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.346673,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
71953
fastly-restarts
1
server
openresty
image-23.png
labs.watchtowr.com/content/images/2024/11/
139 KB
139 KB
Image
General
Full URL
https://labs.watchtowr.com/content/images/2024/11/image-23.png
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
872d7227dc472f9dbab49d50a8cf5612538b68b83b4f86e5c5460c6e62ce2b2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
e78b059f-7408-48e3-82d5-a4b7c4feea5d
etag
W/"22bc9-1932b4904c2"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
image/png
x-served-by
cache-ams2100120-AMS, cache-fra-etou8220142-FRA
x-cache-hits
7, 0
last-modified
Thu, 14 Nov 2024 15:27:05 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.346944,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
142281
fastly-restarts
1
server
openresty
fortijump-demo.mp4
labs.watchtowr.com/content/media/2024/11/
134 KB
0
Media
General
Full URL
https://labs.watchtowr.com/content/media/2024/11/fortijump-demo.mp4
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-request-id
c3b2f05f-479a-42a6-877b-5f6f177cb312
etag
W/"15ef5a-1932b558ed6"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
video/mp4
x-served-by
cache-ams21072-AMS, cache-fra-etou8220142-FRA
x-cache-hits
7, 0
last-modified
Thu, 14 Nov 2024 15:40:47 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.352784,VS0,VE1
Content-Range
bytes 0-1437529/1437530
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
Content-Length
1437530
fastly-restarts
1
server
openresty
fortijump-higher-demo.mp4
labs.watchtowr.com/content/media/2024/11/
142 KB
0
Media
General
Full URL
https://labs.watchtowr.com/content/media/2024/11/fortijump-higher-demo.mp4
Requested by
Host: labs.watchtowr.com
URL: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-request-id
d06e7e1f-5bdf-464f-a990-5b0e6d54a90d
etag
W/"15a444-1932b4c256b"
age
15133
ghost-fastly
true
status
206 Partial Content
alt-svc
clear
x-cache
MISS, HIT, HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
video/mp4
x-served-by
cache-ams21049-AMS, cache-ams21049-AMS, cache-fra-etou8220142-FRA
x-cache-hits
0, 7, 0
last-modified
Thu, 14 Nov 2024 15:30:30 GMT
cache-control
public, max-age=31536000
x-timer
S1732102022.353597,VS0,VE1
Content-Range
bytes 0-1418307/1418308
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
Content-Length
1418308
fastly-restarts
1
server
openresty
r
scout.salesloft.com/
0
0

collectedforms.js
js.hscollectedforms.net/
69 KB
24 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23785948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://labs.watchtowr.com
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-request-id
6eed70b0-46e6-42cd-8f6f-e3dc95cafe37
content-encoding
gzip
cf-cache-status
HIT
etag
W/"216a00fb66fa9b149d5f8b5557f0f563"
x-amz-version-id
_vUoUmuymk3IT7Uikz585Nn8PzBEJUsn
age
256
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
5qS3qgnmp6FZbQAIcyj_KARgiLRqJSA12dggxLPPsA_EbOl8_Fhi5Q==
x-hubspot-correlation-id
6eed70b0-46e6-42cd-8f6f-e3dc95cafe37
content-type
application/javascript; charset=utf-8
last-modified
Mon, 14 Oct 2024 10:34:35 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-szdkk
x-envoy-upstream-service-time
2
x-hs-target-asset
collected-forms-embed-js/static-1.885/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Wed, 20 Nov 2024 11:27:02 GMT
vary
accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8e5810665e063674-FRA
via
1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-ray
8e5816a89aabd38a-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
banner.js
js.hs-banner.com/v2/23785948/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/23785948/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23785948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb36c3fefb9a7c641ed164932ff3a616cb60a0f5679702d89338491904b9c63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
bfa1f5f4-b2e1-468d-8f6c-79245913df42
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"efaf4c124c5391bb4cc3b6eb60e7277c"
x-amz-version-id
oLb5zGabbAxGj5mfNjTKaUd8Hg3eu1G9
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Wed, 20 Nov 2024 11:32:02 GMT
x-evy-trace-listener
listener_https
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
bfa1f5f4-b2e1-468d-8f6c-79245913df42
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 01:59:11 GMT
vary
origin, Accept-Encoding
x-amz-id-2
0SM8p4AmC7qne2XwrXQYXzoiWToQxCUmNBCe2QHeAb4mgB2qLSbRi8OQ3Ds59tXVZ86ILWX2+VSR/0EV49u8lA0kYegTu562
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-4gzdf
x-envoy-upstream-service-time
75
access-control-allow-credentials
true
x-amz-request-id
VY9613DAKRWFB61Q
cf-ray
8e5816a89846dbde-FRA
access-control-allow-origin
https://labs.watchtowr.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
conversations-embed.js
js.usemessages.com/
93 KB
26 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23785948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea891cdcb30cb0c588e5d8645bcc4b9c288cd97b4b8d9f0128ab840bb9cf3007
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-evy-trace-virtual-host
all
x-request-id
fb36ca16-db86-4232-83b8-8f7352afe9f7
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c9a25bafc15056730bab9677bdb53ba7"
x-amz-version-id
vF78qP_7vPz_YTOvYC5XDYfeljdqdUMI
age
284
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
l8nAXQYzpGDI0-tIaCTs4lcqOiBA3iXM25jUYYlgut_YZzSM4Vl8Rw==
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
fb36ca16-db86-4232-83b8-8f7352afe9f7
content-type
application/javascript; charset=utf-8
last-modified
Mon, 18 Nov 2024 20:58:22 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-kmrh7
x-envoy-upstream-service-time
9
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18772/bundles/project.js&cfRay=8e580fb6cb55d286-FRA
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-ray
8e5816a88e239ba4-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18772/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23785948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9620ecbbed293518c704254a6dd6b160c5fcdf5f9d6ddccdbb2d4e5019cc6c24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-evy-trace-virtual-host
all
x-request-id
b5685b7f-9b44-4317-85eb-f35e7bf59ce4
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9722140e9e9ccdf3da9d53d4e87fe897"
x-amz-version-id
mil9drESFgJvY_a4JcSQWv_XDCIH6K9h
age
392
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
Xhvdkona5_ni02GhZQpvEcJH90uYbyfsc7a16ImJYJlm2kPRE_ST8w==
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
b5685b7f-9b44-4317-85eb-f35e7bf59ce4
content-type
application/javascript; charset=utf-8
last-modified
Mon, 18 Nov 2024 17:56:11 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-86c46c9777-8t87w
x-envoy-upstream-service-time
1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.727/bundles/pixels-release.js&cfRay=8e510efd7a315c1a-FRA
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-ray
8e5816a8be431951-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.727/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
23785948.js
js.hs-analytics.net/analytics/1732098000000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1732098000000/23785948.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23785948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f13a582e4dd93e0b6e6f7147e788f5a3d679e22f57bf3d2814eb990f137a557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
5f9ac8bf-7f59-474b-bbd9-5bcc10e979b8
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1b77e8761c7cef61885d26f25de82920"
x-amz-version-id
null
expires
Wed, 20 Nov 2024 11:32:02 GMT
x-evy-trace-listener
listener_https
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
5f9ac8bf-7f59-474b-bbd9-5bcc10e979b8
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 01:59:14 GMT
vary
origin, Accept-Encoding
x-amz-id-2
GsM3eeDtMzO1TajGwow80fymIvZnmnmvVd2+gNoQCgSy1hVXf4tVyW6IcxUjm5UAwMhXJqNn7yc=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-j2gwx
x-envoy-upstream-service-time
22
access-control-allow-credentials
false
x-amz-request-id
EWXEEH6GEFPRG7QB
cf-ray
8e5816a8ace5bb89-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
prism-clike.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/
708 B
1021 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-clike.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76ba4e240932bdc75546be30e550f5ba5e13815ff71511c76e9e27ac3072444
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"625c25f1-17d"
age
67437
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1KRslQVg1p2O1BG8UOoRkPEzWnSPI2DYBQa3PGVToz1fwU2db%2B7BVe5v6CNvEF4ZnMivRk7gS77UMsc57V0VM5BoTdg7AsJFM67Uxr90PfohFGka1WTXyygz77hoH2B0f8bXlGJVZahEdJK9%2FS27l7cG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 11:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 17 Apr 2022 14:36:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5816a87b52dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
381
server
cloudflare
attribution_trigger
px.ads.linkedin.com/
2 B
1 KB
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
gzip
x-li-fabric
prod-ltx1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods
GET, OPTIONS
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 11:27:01 GMT
content-type
application/json
access-control-allow-headers
*
x-li-pop
afd-prod-ltx1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid
000627566dc5fe050b249c3bc0b003d4
x-msedge-ref
Ref A: 0C9100B66E944C47B7904D38D8F45F6A Ref B: DUS30EDGE0811 Ref C: 2024-11-20T11:27:02Z
x-restli-protocol-version
1.0.0
x-li-uuid
AAYnVm3F/gULJJw7wLAD1A==
access-control-allow-origin
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F&e_ipv6=AQLc...
0
0

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q0QQGYH9DL&gtm=45je4bj0v877901959za200&_p=1732102022294&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1400177039.1732102022&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732102022&sct=1&seg=0&dl=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F&dt=Hop-Skip-FortiJump-FortiJump-Higher%20-%20Fortinet%20FortiManager%20CVE-2024-47575&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=411
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q0QQGYH9DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://labs.watchtowr.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
text/plain
server
Golfe2
prism-c.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-c.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e05cf21207bff46afbf80cb8f43bb58bc4a4a87b68f28bc0470342f69345209
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"625c25f1-344"
age
58339
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIkHXJOUMqviT0HolYP8CNvplAtv0Yo%2BM4qjQgQLlgE0jtW%2BGCVE8ieNWBem0SihA%2FEmBVNhUiura7tc25E9NJV8aixx9Ra90urPGLSuJ6Egq7v06gP6W8aMilRFeDtOxnosOp9k0xqQbUqo%2B9C7wnj3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 11:27:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 11:27:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 17 Apr 2022 14:36:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5816a8cc18dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
836
server
cloudflare
public
api.hubspot.com/livechat-public/v1/message/
327 B
948 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=23785948&conversations-embed=static-1.18772&mobile=false&messagesUtk=67a62921ffa74b378ed5e92e16ab17ff&traceId=67a62921ffa74b378ed5e92e16ab17ff
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3444e1dce831fc71dae3e127af95a352903d5f9f528a84289ae0f6b9d729277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePltxHISpmyb7MAt6NSaH1PTgeU5udcPPDD%2FcL9JTjKT8XqIYFpicahDEzVAtppIWtkBewKqF06vJptdb1jq3Vi8mjy5TjJdKYN7LUCwlTA7snMIl6Rb1OfN2TS9R5ev0g265%2BroCBlbY3W0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
be8e25ed-8e1b-4cf0-9fdc-205542e975cc
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8e5816aa3f5a37d7-FRA
access-control-allow-origin
https://labs.watchtowr.com
content-length
251
server
cloudflare
public
api.hubspot.com/livechat-public/v1/message/
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=23785948&conversations-embed=static-1.18772&mobile=false&messagesUtk=67a62921ffa74b378ed5e92e16ab17ff&traceId=67a62921ffa74b378ed5e92e16ab17ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://labs.watchtowr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://labs.watchtowr.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8e5816a92e3237d7-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Wed, 20 Nov 2024 11:27:02 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NK0WuZfnuRIY95PSxZwPOEgf0sSiK1%2BibSYgPk3zc%2BXKcqV9BeJsUyrELprnBFzMAD41sJeTJF%2FcuTALEhL%2BhnVk%2B%2BIjdcvU%2FIJ6KQAZ1gyXFEAsFzW3XpZDPUqZU6FZVbVjlERwi03zUecKsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
62c6f7d3-03b7-4f2d-bcd5-b1654621377e
json
forms.hscollectedforms.net/collected-forms/v1/config/
136 B
469 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23785948&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1102619929d461c761d302e6023c47c0e8440f2c1e6215cced390867bd868e09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
987f9335-0858-482b-b546-85101f98cfa2
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
987f9335-0858-482b-b546-85101f98cfa2
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-sp56b
x-envoy-upstream-service-time
10
cf-ray
8e5816a90bb0d38a-FRA
access-control-allow-origin
https://labs.watchtowr.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
/
tr-rc.lfeeder.com/
0
0

json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
114 B
799 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=23785948
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6197ceff1122e8aa36a89d3554018d665b3ee7efb485588565c53cf9995654ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/

Response headers

access-control-max-age
180
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuApLVvqlh4WX5aDfXa4T40L625%2F1PPp7LhVGc%2B9eabTYymoq4VkXsJIiDQ0LcCGUsQaynfnpTY6tIfUP%2BFuk%2F4u13fgeRbxTHh19f%2B2PMQBN77Xu9KRcbRq1kuBjkS5kwVI2azgskAIur3%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Wed, 20 Nov 2024 11:27:02 GMT
x-hubspot-correlation-id
c38d84c2-9187-4c15-80b8-47c748c3ac8c
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8e5816aa388bd206-FRA
access-control-allow-origin
https://labs.watchtowr.com
server
cloudflare
/
px.ads.linkedin.com/wa/
0
197 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 726F2C51CE2D4B019435CFE7869FE23B Ref B: FRAEDGE1409 Ref C: 2024-11-20T11:27:02Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYnVm3LNK62brbUgOXHHw==
x-li-proto
http/2
access-control-allow-origin
https://labs.watchtowr.com
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 11:27:02 GMT
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.factors.ai
URL
https://app.factors.ai/assets/v1/factors.js
Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-2950076.js?sv=6
Domain
scout.salesloft.com
URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTIzMjd9.VPRLDlVywXvamkHUrZOJN7rKvtF70sMZ21c4f5nxvn0
Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1732102022478&url=https%3A%2F%2Flabs.watchtowr.com%2Fhop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575%2F&e_ipv6=AQLcbb1MXb9GOAAAAZNJU2Xov87CWMp53fbZ50_8oq5nehqLYMJkpv0X-okWUt5WdATb-3oAF993LVOD67FTmFKv51NLeQ
Domain
tr-rc.lfeeder.com
URL
https://tr-rc.lfeeder.com/?sid=3P1w24do6zP7mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVEwUVFHWUg5REwiXSwiZ2FDbGllbnRJZHMiOlsiMTQwMDE3NzAzOS4xNzMyMTAyMDIyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjQuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9sYWJzLndhdGNodG93ci5jb20vaG9wLXNraXAtZm9ydGlqdW1wLWZvcnRpanVtcGhpZ2hlci1jdmUtMjAyNC0yMzExMy1jdmUtMjAyNC00NzU3NS8iLCJwYWdlVGl0bGUiOiJIb3AtU2tpcC1Gb3J0aUp1bXAtRm9ydGlKdW1wLUhpZ2hlciAtIEZvcnRpbmV0IEZvcnRpTWFuYWdlciBDVkUtMjAyNC00NzU3NSIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiNzlhZDlkYTJhMGNjM2MwZiIsInNjcmlwdElkIjoiM1AxdzI0ZG82elA3bVk1biIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuOGE3YWM1YmE3NWFmZWJkNy4xNzMyMTAyMDIyNTgxIiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=


59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| intercomSettings function| Intercom function| gtag object| dataLayer object| q function| track function| init function| reset function| page function| updateEventProperties function| identify function| addUserProperties function| getUserId function| call string| TOKEN object| factors object| d function| ldfdr object| fs function| hj object| _hjSettings string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| SLScoutObject function| slscout function| lightbox function| pagination function| PhotoSwipeUI_Default function| PhotoSwipe function| reframe object| _self object| Prism object| _hsp function| oy function| iy function| wo function| ly function| Ln function| Je boolean| _already_called_lintrk object| __gaConnectorEventsEmitted object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| __hsCollectedFormsDebug boolean| PIXELS_RAN object| enabledEventSettings function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| ORIBILI

6 Cookies

Domain/Path Name / Value
.watchtowr.com/ Name: _ga_Q0QQGYH9DL
Value: GS1.1.1732102022.1.0.1732102022.0.0.0
.watchtowr.com/ Name: _ga
Value: GA1.1.1400177039.1732102022
.watchtowr.com/ Name: _lfa
Value: LF1.1.8a7ac5ba75afebd7.1732102022581
.linkedin.com/ Name: bcookie
Value: "v=2&2053a627-8765-40d4-8524-0d4fe39760f2"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzIxMDIwMjI7MjswMjFkGABMbE5LLORyyykke08qgl9gk8uqlryo6H3yj9Y/PA==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3162:u=1:x=1:i=1732102022:t=1732188422:v=2:sig=AQEKK1Hem15pf_-wnPMDFx16maZldZ7d"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
