www.praetorian.com Open in urlscan Pro
146.148.61.165  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQITG5hhU1YZmwAAAZAc15BeHt7J6R08S7eTNyrIKDulogpaMf_gGzJjBwSuXA9VMpGwnFfR

Request Chain 24

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKvWJ7oYkxqOgAAAZAc15Kel6wF3ma2O1G3c4QdhL1pfiXq257it6xbPdtaqg6dUGG1c7Nx

Request Chain 26

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKxlbOlC5-z7gAAAZAc15Rn-8h-fmuvJ79DX0bjNmClld7AkC9CwFUiLRrYJtK8io5F6C8s

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request refresh-compromising-f-big-ip-with-request-smuggling-cve Show response www.praetorian.com/blog/	54 KB 13 KB	2877ms 2539ms	Document text/html	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / WP Engine Resource Hash afa3ecf34eb83c0092730776038b56e987201a33a41d7241e60883b9d11d76cf Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sat, 15 Jun 2024 17:00:03 GMT expires Thu, 19 Nov 1981 08:52:00 GMT link <https://www.praetorian.com/wp-json/>; rel="https://api.w.org/" pragma no-cache server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding x-cache MISS x-cache-group normal x-cacheable non200 x-powered-by WP Engine
GET H2	200	22265125.js Show response js.hs-scripts.com/	2 KB 809 B	456ms 366ms	Script application/javascript	2606:4700::6810:8ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/22265125.js Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71af2639a0f51b91a737cd29985d44bc4a7218bdfd9044500bf5f9ec9d2b74ca Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 9a5390d9-f5fd-408b-a460-12acd9c8d8ff x-envoy-upstream-service-time 7 content-length 645 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9a5390d9-f5fd-408b-a460-12acd9c8d8ff last-modified Sat, 15 Jun 2024 16:51:25 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-hcrnk access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 89441d3d6d573821-FRA expires Sat, 15 Jun 2024 17:01:34 GMT
GET H2	200	autoptimize_8813209e66c1c318230aacc4fa2aed61.css www.praetorian.com/wp-content/cache/autoptimize/css/	293 KB 54 KB	217ms 215ms	Stylesheet text/css	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_8813209e66c1c318230aacc4fa2aed61.css Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash 485052bac375cef05d5c70a8585b512732d68a1018b9da50a3e267533098f890 Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; content-encoding br last-modified Wed, 29 May 2024 20:54:11 GMT server nginx etag W/"665795f3-4923c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	yng4pbv.css use.typekit.net/	8 KB 1 KB	4830ms 4651ms	Stylesheet text/css	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/yng4pbv.css?ver=6.5.3 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8f86d82c79073ffc876c2fdd10fe4b208a3a445c5ea331fadccc465a154b9a66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Sat, 15 Jun 2024 17:00:08 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1083
GET H2	200	js Show response www.googletagmanager.com/gtag/	294 KB 101 KB	184ms 71ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a13a68d4a90866dcf6d964288b575aa92d13cb0978da81b4571cf3021343d74e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 102686 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 15 Jun 2024 17:00:04 GMT
GET H2	200	22265125.js Show response js.hs-scripts.com/	2 KB 830 B	448ms 359ms	Script application/javascript	2606:4700::6810:8ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/22265125.js?integration=WordPress&ver=11.1.21 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94276789cf2fbb9e5bdb226b7714a1e4d078041611da04ce2c54d2b7ff6a08f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 12cc9e1a-945e-442e-8877-a5acc3ea98a4 x-envoy-upstream-service-time 4 content-length 643 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 12cc9e1a-945e-442e-8877-a5acc3ea98a4 last-modified Sat, 15 Jun 2024 16:42:29 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-4ccs4 access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 89441d3d6d533821-FRA expires Sat, 15 Jun 2024 17:01:34 GMT
GET H2	200	22265125.js Show response js.hs-scripts.com/	2 KB 1 KB	309ms 221ms	Script application/javascript	2606:4700::6810:8ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/22265125.js?ver=6.5.3 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63415c24afcb3914191de7ed4b1ac8244b297984335641ef091d2ed1f5029e8d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 1b372b72-1cb5-4c6a-9b6b-ab89109c81fc x-envoy-upstream-service-time 7 content-length 638 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 1b372b72-1cb5-4c6a-9b6b-ab89109c81fc last-modified Sat, 15 Jun 2024 16:51:25 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-7c5tp access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 89441d3d6d503821-FRA expires Sat, 15 Jun 2024 17:01:34 GMT
GET H2	200	autoptimize_acc7d362d2dd9f501c02d8331281479e.js Show response www.praetorian.com/wp-content/cache/autoptimize/js/	171 KB 55 KB	175ms 175ms	Script application/javascript	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.praetorian.com/wp-content/cache/autoptimize/js/autoptimize_acc7d362d2dd9f501c02d8331281479e.js Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash c486c12ba057b76010676226eef7f27514bfff41bcad02be0ee8c3b976155cd7 Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; content-encoding br last-modified Wed, 29 May 2024 20:53:55 GMT server nginx etag W/"665795e3-2ac40" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	281 KB 96 KB	74ms 72ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eccef96ad31116dcdd83e945f6e67593f2100ad518f1dd1a561453c8a9d81a36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97950 x-xss-protection 0 last-modified Sat, 15 Jun 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jun 2024 17:00:05 GMT
GET		gtm.js www.googletagmanager.com/	0 0
GET H2	200	hotjar-2851712.js Show response static.hotjar.com/c/	10 KB 5 KB	188ms 73ms	Script application/javascript	18.66.102.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2851712.js?sv=6 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-53.fra56.r.cloudfront.net Software / Resource Hash 012b21dac16743d21da03b77747fab3b8dcdd582c70dca4b33e7c3ddf2aebc48 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 15 Jun 2024 17:00:05 GMT via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/25b27f42fa072ac3be8b132f888ff8c7 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id tIZ2AEDjfb2Sj39ZzRYxctW_onT3gCsZX9F1ZBYlaMhKji2ZZpSeng==
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	268ms 168ms	Script application/javascript	2606:4700::6810:6cfe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22265125.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding gzip x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=89441d475dea1e56-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"7d377a186677c174f204d466b8fa5fdb" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset collected-forms-embed-js/static-1.503/bundles/project.js date Sat, 15 Jun 2024 17:00:05 GMT x-amz-version-id WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W x-content-type-options nosniff cf-cache-status EXPIRED via 1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id cdd17af6-d341-4621-8c13-f6fc9b82c16a x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 11 x-evy-trace-route-configuration listener_https/all x-request-id cdd17af6-d341-4621-8c13-f6fc9b82c16a last-modified Wed, 15 May 2024 14:34:44 UTC server cloudflare access-control-max-age 3000 x-hs-cache-status MISS x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs cf-ray 89441d475dea1e56-FRA x-amz-cf-id OhxJ79lVJh_Xah-_t7cN0VUnD7BCLRnljp2FBP4iDc0NlttRBKQFUA==
GET H2	200	22265125.js Show response js.hs-analytics.net/analytics/1718470800000/	67 KB 24 KB	290ms 197ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1718470800000/22265125.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22265125.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ec600482b5f13fc75a11ede92bc2fdb8ca95d44b30345102453cec766cea029 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT x-amz-version-id null content-encoding gzip cf-cache-status MISS x-amz-request-id 90KYHSPM27PGVVWC x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 61d9fbe9-2136-457f-b012-04aa29cca2c5 x-envoy-upstream-service-time 27 x-amz-id-2 5Cjs8hPD6cQgHsC2gXIVmwI6GCKF9vf94TMTjg9DvBJa27CqLJjEphd08KwYiB+lmUIhZBRdhyM= x-evy-trace-listener listener_https x-request-id 61d9fbe9-2136-457f-b012-04aa29cca2c5 x-evy-trace-route-configuration listener_https/all last-modified Thu, 30 May 2024 21:22:04 GMT server cloudflare etag W/"55ab7654e68d15eb28fdf8ff9320f8b8" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs cache-control max-age=300,public access-control-allow-credentials false cf-ray 89441d490a845d55-FRA expires Sat, 15 Jun 2024 17:05:06 GMT
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	166ms 62ms	Script application/javascript	2606:4700::6811:80ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22265125.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT x-amz-version-id tGbAtiolnAFnleIlWBGAzvQOiFsm5cIW content-encoding gzip x-content-type-options nosniff via 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 378 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.563/bundles/pixels-release.js&cfRay=8944140eedcd8f38-FRA x-cache Hit from cloudfront x-hubspot-correlation-id 300380a0-11b7-4d30-98bb-a19df07bcaa8 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 300380a0-11b7-4d30-98bb-a19df07bcaa8 last-modified Thu, 30 May 2024 14:14:49 UTC server cloudflare etag W/"7f1cb0f6264fd05edb4cc0ec6a9bc096" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-r5jtt cf-ray 89441d4afaef3626-FRA x-amz-cf-id rfF8Iql55oANRgWxzvTOXbPBfcuh4PGlTF164Hlnv5cFWdiRA6Mafw== x-hs-target-asset adsscriptloaderstatic/static-1.563/bundles/pixels-release.js
GET H2	200	banner.js Show response js.hs-banner.com/v2/22265125/	71 KB 26 KB	584ms 482ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/22265125/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22265125.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e030eae4a6e596d1c9d4126736046d899bb59d1aa3d0b8b6d9e34a55cef3f9a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT x-amz-version-id uIdzkJMHdK7VF30en9CA8KjIkt72nrLQ content-encoding gzip cf-cache-status MISS x-amz-request-id 1NP0T6EBXMMT7Q6F x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 3e7d31be-6fdb-40c0-a935-d93f394b3ef5 x-envoy-upstream-service-time 53 x-amz-id-2 OQwUjw+VUfbG17b7RMAUu+CixWb2ha2sr/6/N4+NmzjPrhbF61TGS4uL4CUgIvVfCU4HnC6nT+k= x-evy-trace-listener listener_https x-request-id 3e7d31be-6fdb-40c0-a935-d93f394b3ef5 x-evy-trace-route-configuration listener_https/all last-modified Tue, 14 May 2024 23:56:38 GMT server cloudflare etag W/"85f24facb03d0f31fafc4e8e63003b99" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 89441d4bfc8d18e2-FRA expires Sat, 15 Jun 2024 17:05:06 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	168ms 46ms	Script application/javascript	2a02:26f0:7100::1720:ee10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ee10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 May 2024 16:52:20 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=47429 accept-ranges bytes content-length 16683
GET H3	200	js Show response www.googletagmanager.com/gtag/	294 KB 100 KB	75ms 74ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 4ca3cf06c4a694313556d92929ff2acdfbdb0a6e083a5e3ac630135faa92e135 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 102706 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 15 Jun 2024 17:00:07 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	236 KB 84 KB	70ms 70ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-973478582&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 6021273d787194247970a6dde6431b63e0c20e82fda2644d4d1840ae9c749b6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86263 x-xss-protection 0 last-modified Sat, 15 Jun 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jun 2024 17:00:07 GMT
GET H2	200	hotjar-2851712.js Show response static.hotjar.com/c/	10 KB 5 KB	42ms 41ms	Script application/javascript	18.66.102.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2851712.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-53.fra56.r.cloudfront.net Software / Resource Hash 012b21dac16743d21da03b77747fab3b8dcdd582c70dca4b33e7c3ddf2aebc48 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 15 Jun 2024 17:00:05 GMT via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 2 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/25b27f42fa072ac3be8b132f888ff8c7 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id IV3srgbnK8k2zok95SMaSrGi3Tf92cP7I15ZYWduhtx65jAuHrVt5A==
GET H2	200	modules.db8890ba82a7e392473f.js Show response script.hotjar.com/	223 KB 55 KB	136ms 45ms	Script application/javascript	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.db8890ba82a7e392473f.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2851712.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash 89a2840e72b9ea060982f79dd7c1ac1cc747617f2bd9790b79ac09497d97fe8f Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 13:54:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 356761 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56164 last-modified Tue, 11 Jun 2024 13:53:21 GMT etag "e6623694317786c0abed295167d203ef" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id ECmccV3JTZwFG0qEkq5jgeDEFQTIKQnyYvhcJfTsPLVO-dHX21WLlQ==
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	133 B 451 B	180ms 168ms	XHR application/json	2606:4700::6810:6cfe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22265125&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e93aa9eec4d6341f32f8f81fd9a1865413878bb08addce9c0fbafdfcd4e1ff6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json, text/plain, */* Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 84380e3f-6f7f-4704-ab25-ac73dac79a1f x-envoy-upstream-service-time 11 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 84380e3f-6f7f-4704-ab25-ac73dac79a1f server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 89441d48e8221e56-FRA
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 700 B	327ms 228ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://www.praetorian.com/ sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: F16A8770EE6D42A8B051F9C6B0D79718 Ref B: FRAEDGE1320 Ref C: 2024-06-15T17:00:07Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.praetorian.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYa8KoGHQOxbjTJdoFUnA==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 860 B	550ms 452ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"2","priority":"0"}],"filters":[{"c":["270012514"]},{"c":["266992984"]},{"c":["263639134"]},{"c":["263639124"]},{"c":["259471844"]}],"debug_key":"13865242"} content-encoding gzip date Sat, 15 Jun 2024 17:00:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: FE72BE9580D246619F2AEEE7143BCB22 Ref B: FRAEDGE1312 Ref C: 2024-06-15T17:00:07Z access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYa8KoGKQxvskyJ4i8pPg== x-fs-uuid 00061af0aa06290c6fb24c89e22f293e
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gt...	0 266 B	342ms 220ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQITG5hhU1YZmwAAAZAc15BeHt7J6R08S7eTNyrIKDulogpaMf_gGzJjBwSuXA9VMpGwnFfR Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.praetorian.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 15 Jun 2024 17:00:07 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 8DCBDE5661BD44928674146A4DEDE32C Ref B: DUS30EDGE0809 Ref C: 2024-06-15T17:00:07Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYa8KoRJ9t6j9kSdY5EzA== Redirect headers date Sat, 15 Jun 2024 17:00:06 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 854F9088809C4DEA8FF06485F5A7D256 Ref B: FRAEDGE1320 Ref C: 2024-06-15T17:00:07Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807055&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQITG5hhU1YZmwAAAZAc15BeHt7J6R08S7eTNyrIKDulogpaMf_gGzJjBwSuXA9VMpGwnFfR x-li-proto http/2 content-length 0 x-li-uuid AAYa8KoL2JQ4wj6ewhFKGg==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 810 B	236ms 141ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT content-encoding gzip x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: DE3120274402485996FA3B1CC78B7A75 Ref B: FRAEDGE1312 Ref C: 2024-06-15T17:00:07Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lva1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYa8KoFcbwh5Tarv3XVLg== x-fs-uuid 00061af0aa0571bc21e536abbf75d52e
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gt...	0 144 B	225ms 224ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKvWJ7oYkxqOgAAAZAc15Kel6wF3ma2O1G3c4QdhL1pfiXq257it6xbPdtaqg6dUGG1c7Nx Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.praetorian.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 15 Jun 2024 17:00:08 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: E13977BA7EA54C2EB0870B72DA2575E9 Ref B: DUS30EDGE0809 Ref C: 2024-06-15T17:00:08Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYa8KoYB3yxJcnC5v/PjQ== Redirect headers date Sat, 15 Jun 2024 17:00:07 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: BF8B0B9BF84B4998B5361E40F466F221 Ref B: FRAEDGE1320 Ref C: 2024-06-15T17:00:08Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807059&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKvWJ7oYkxqOgAAAZAc15Kel6wF3ma2O1G3c4QdhL1pfiXq257it6xbPdtaqg6dUGG1c7Nx x-li-proto http/2 content-length 0 x-li-uuid AAYa8KoUma8Db/wItzV/Eg==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 640 B	279ms 186ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:06 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 913FED99E5C448A084FFD1EF284ADD23 Ref B: FRAEDGE1312 Ref C: 2024-06-15T17:00:07Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYa8KoFys0n/fhG/7g3bg== x-fs-uuid 00061af0aa05cacd27fdf846ffb8376e
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gt...	0 144 B	216ms 215ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKxlbOlC5-z7gAAAZAc15Rn-8h-fmuvJ79DX0bjNmClld7AkC9CwFUiLRrYJtK8io5F6C8s Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.praetorian.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 15 Jun 2024 17:00:08 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: B6ADC3B05E6F49D196D2833C9C4AE199 Ref B: DUS30EDGE0809 Ref C: 2024-06-15T17:00:08Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYa8Koe+pRjpal6O905kw== Redirect headers date Sat, 15 Jun 2024 17:00:07 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 22CA6A6101AF4170B3CF9DA6EE917CA5 Ref B: FRAEDGE1320 Ref C: 2024-06-15T17:00:08Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3767322%2C3757322&time=1718470807060&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&tm=gtmv2&e_ipv6=AQKxlbOlC5-z7gAAAZAc15Rn-8h-fmuvJ79DX0bjNmClld7AkC9CwFUiLRrYJtK8io5F6C8s x-li-proto http/2 content-length 0 x-li-uuid AAYa8KobmqDO3c6D8XDPww==
POST H2	204	collect region1.analytics.google.com/g/	0 247 B	152ms 48ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WG4YYDQ1NH&gtm=45je46c0v888757690z8859579073za200zb859579073&_p=1718470803972&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=596358270.1718470807&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718470807&sct=1&seg=0&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&dt=Page%20not%20found%20%7C%20Praetorian&en=page_view&_fv=1&_nsi=1&_ss=1&up.ClearbitTrafficType=Non-Company&up.ClearbitCompanyName=Non-Company&up.ClearbitCompanyDomain=Non-Company&up.ClearbitIndustry=Non-Company&up.ClearbitHQCountry=Non-Company&up.ClearbitHQState=Non-Company&up.ClearbitHQCity=Non-Company&up.ClearbitEmployeeRange=Non-Company&up.ClearbitEstimatedRevenueRange=Non-Company&tfd=6167&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.praetorian.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 256 B	152ms 48ms	Ping text/plain	2a00:1450:400c:c0a::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WG4YYDQ1NH&cid=596358270.1718470807&gtm=45je46c0v888757690z8859579073za200zb859579073&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.praetorian.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	130ms 77ms	Image image/gif	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG4YYDQ1NH&cid=596358270.1718470807&gtm=45je46c0v888757690z8859579073za200zb859579073&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2006594398 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p.css p.typekit.net/	5 B 172 B	202ms 47ms	Stylesheet text/css	2a02:26f0:7100::1720:ef1a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=yng4pbv&ht=tk&f=26911.26913.34691.34692.34693.34697.34701.36466.36470.36471.36473&a=23300812&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:08 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	49ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WG4YYDQ1NH&gtm=45je46c0v888757690za200zb859579073&_p=1718470803972&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=596358270.1718470807&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718470807&sct=1&seg=0&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&dt=Page%20not%20found%20%7C%20Praetorian&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7938&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.praetorian.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	281 KB 0	0ms 0ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eccef96ad31116dcdd83e945f6e67593f2100ad518f1dd1a561453c8a9d81a36 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:05 GMT content-encoding br last-modified Sat, 15 Jun 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 97950 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 15 Jun 2024 17:00:05 GMT
GET H2	200	hotjar-2358062.js Show response static.hotjar.com/c/	0 430 B	75ms 74ms	Script application/javascript	18.66.102.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2358062.js?sv=5 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-53.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=2592000; includeSubDomains date Sat, 15 Jun 2024 17:00:09 GMT x-content-type-options nosniff via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/d41d8cd98f00b204e9800998ecf8427e vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin content-length 0 x-amz-cf-id oVsIEBSbis5KQfliPJ1ShEaF3xaD-q_HpODeE9jmgWfD9rZQYniEnQ==
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 885 B	278ms 194ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id a67d5c26-03e9-4b0a-bce6-de4341e3b3f1 x-envoy-upstream-service-time 8 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id a67d5c26-03e9-4b0a-bce6-de4341e3b3f1 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-4xq5s access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 89441d5d1949c074-WAW
GET H2	200	pixel.js Show response grow.clearbitjs.com/api/	100 B 372 B	382ms 240ms	Script text/javascript	216.24.57.252 RENDER
General Check archive.org Show headers Download Go to Full URL https://grow.clearbitjs.com/api/pixel.js?v=1718470809029 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.24.57.252 , United States, ASN397273 (RENDER, US), Reverse DNS Software cloudflare / Resource Hash 6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare strict-transport-security max-age=31536000; includeSubDomains rndr-id 98f99222-3428-4b6a x-render-origin-server Render vary Accept-Encoding content-type text/javascript cf-ray 89441d5d6fe46a74-TXL alt-svc h3=":443"; ma=86400
GET H2	403	tags.js tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/	0 0	308ms 200ms	Script application/javascript	2600:9000:2104:5a00:7:d7d6:3c40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:5a00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Clearbit / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:08 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - via 1.1 cca9137c259ad738f790039a45561cee.cloudfront.net (CloudFront) server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop AMS1-C1 vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript;charset=utf-8 cache-control private, max-age=600 x-amz-cf-id jrjy0nPW2c25ZncOiE7FfaRizn-qnTXuoxJ8Ysi_W4nWOlWHHB7LVA==
GET H2	200	tag.aspx Show response ml314.com/	37 KB 12 KB	192ms 40ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?155 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 16:37:35 GMT via 1.1 google content-encoding br age 1354 x-guploader-uploadid ABPtcPprhALinIUt582HmnNuuKv_Zeq460O5n3uJ5cI7tAYyhT6dBevMk_LAB_YbonMS0BNyafrjPiKjMw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12140 last-modified Wed, 12 Jun 2024 23:47:10 GMT server UploadServer vary Accept-Encoding x-goog-generation 1718236030191817 x-goog-hash crc32c=jdP4zA==, md5=YRx2m1aKFpugF5vA5Ps9ng== content-type application/javascript cache-id FRA-1209ea83 cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 37568 accept-ranges bytes
GET H2	200	22265125.js Show response js.hs-scripts.com/	2 KB 0	12ms 12ms	Script application/javascript	2606:4700::6810:8ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/22265125.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71af2639a0f51b91a737cd29985d44bc4a7218bdfd9044500bf5f9ec9d2b74ca Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:04 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 9a5390d9-f5fd-408b-a460-12acd9c8d8ff x-envoy-upstream-service-time 7 content-length 645 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9a5390d9-f5fd-408b-a460-12acd9c8d8ff last-modified Sat, 15 Jun 2024 16:51:25 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-hcrnk access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 89441d3d6d573821-FRA expires Sat, 15 Jun 2024 17:01:34 GMT
GET H2	200	uet2c95y5w8r.js Show response js.driftt.com/include/1718471100000/	221 KB 62 KB	436ms 280ms	Script application/javascript	18.245.86.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1718471100000/uet2c95y5w8r.js Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-87.fra60.r.cloudfront.net Software istio-envoy / Resource Hash 24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT x-amz-version-id vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P6 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront x-envoy-upstream-service-time 45 last-modified Thu, 30 May 2024 18:54:04 GMT server istio-envoy etag W/"ae4f24426ae40aec8481b3eedc7098e8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Fql9BubCme6w20gEg1ljTLKZqI-AFewt4G79brvAQaoHWJ08vz6gLw==
GET H2	200	nav-active.svg www.praetorian.com/wp-content/themes/studio-simpatico/svgs/	1 KB 1 KB	148ms 146ms	Image image/svg+xml	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/nav-active.svg Requested by Host: www.praetorian.com URL: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_8813209e66c1c318230aacc4fa2aed61.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash 6a980933b39409d97cd947dd6dc1837de2e49e87c7d9903122adb293cc8404cf Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_8813209e66c1c318230aacc4fa2aed61.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; content-encoding br last-modified Wed, 29 May 2024 20:53:05 GMT server nginx etag W/"665795b1-41e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	watermark-footer.svg www.praetorian.com/wp-content/themes/studio-simpatico/svgs/	6 KB 3 KB	247ms 246ms	Image image/svg+xml	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/watermark-footer.svg Requested by Host: www.praetorian.com URL: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_8813209e66c1c318230aacc4fa2aed61.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash 202f0d4e1127ce8b1a3029ac6724c6c081d5b7936b0c81ea3f42862618fc22c6 Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_8813209e66c1c318230aacc4fa2aed61.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; content-encoding br last-modified Wed, 29 May 2024 20:53:05 GMT server nginx etag W/"665795b1-16ff" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	l use.typekit.net/af/e40556/00000000000000007735adbc/30/	44 KB 45 KB	579ms 415ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/e40556/00000000000000007735adbc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a60e4a6f8b89cbd1debcd7f90a0e60099a7caa9490a3c5305b18cb094c53dd4b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "f3cafd088bc07c2d3ded8cc91e0729be713189cf" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 45396
GET H2	200	l use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/	21 KB 21 KB	908ms 744ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash b475b2648fbcf6b9f1535198a5f52c11dc0bb9ed88bbf93d39eb1be9a391edc4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "1a48bcc440a68538029c6482155125eab9fb73c6" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21352
GET H2	200	l use.typekit.net/af/7c9acc/00000000000000007735adc8/30/	44 KB 44 KB	590ms 426ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/7c9acc/00000000000000007735adc8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash b084305ba75c61a6309a9dec021937b5d7674640f9017527dda68bf72312e882 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "16adcf7e4da5d53f928f7fcda315b413887cac41" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 45284
GET H2	200	l use.typekit.net/af/09940c/00000000000000007735a996/30/	26 KB 26 KB	590ms 427ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/09940c/00000000000000007735a996/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 417debb36c2433e8aac621b9b88cef9aee936879ee30051b8724b606bcc84fd9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "accde79d00f44e34fcec986689bcda82817c4a98" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 26132
GET H2	200	l use.typekit.net/af/5a2c6f/00000000000000003b9ad13c/27/	21 KB 21 KB	920ms 757ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/5a2c6f/00000000000000003b9ad13c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 878130b86e81304bd9d8afd8a8c5bc6c2d03194a3917e5bab3ddfa9eb3a07cb3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "22cae4f69d39ee6531cf5c3445fc374f7c7869cc" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21636
GET H2	200	l use.typekit.net/af/3f8415/00000000000000007735a9bb/30/	25 KB 26 KB	913ms 750ms	Font application/font-woff2	2a02:26f0:7100::1720:ef23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3f8415/00000000000000007735a9bb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/yng4pbv.css?ver=6.5.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 97c93526e3f8fe46ecf144bbe83442d7e0d6458021d47039b7db77b32918f530 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/yng4pbv.css?ver=6.5.3 Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT server nginx etag "8cb803a20ad97d966652b2c079d44eb6f5146fdd" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 25940
GET H2	200	logo-footer.svg www.praetorian.com/wp-content/themes/studio-simpatico/svgs/	6 KB 3 KB	195ms 188ms	Image image/svg+xml	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/logo-footer.svg Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash a76538234c074b11702550272f6a00d8ef76f6908e99cd0ca6dc011733ad24fa Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; content-encoding br last-modified Wed, 29 May 2024 20:53:05 GMT server nginx etag W/"665795b1-1710" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 0	1ms 0ms	Script application/javascript	2a02:26f0:7100::1720:ee10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ee10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 May 2024 16:52:20 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=47429 accept-ranges bytes content-length 16683
GET H2	200	dc684754-1ecd-4a72-ab04-f7a433acb0dc.js Show response j.6sc.co/j/	5 KB 2 KB	661ms 466ms	Script application/javascript	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/j/dc684754-1ecd-4a72-ab04-f7a433acb0dc.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 55cb7986aa2cdd3e35ebf4be8d112aa27ce2a473d7914483f31ecc6dfbd1bf21 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id a88kQFqZnGOAEdq6UO6cVn_TFGuFtTBR content-encoding gzip date Sat, 15 Jun 2024 17:00:09 GMT x-amz-cf-pop FRA60-P8 x-amz-server-side-encryption AES256 x-amz-meta-content-type application/json content-length 1595 pragma no-cache last-modified Tue, 16 Apr 2024 23:31:27 GMT server AmazonS3 etag "7d95ee6175579cfd772119dd8dfe5371" vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store accept-ranges bytes x-amz-cf-id 5y8G_mF1GvkvhRm9Gr4zaoLTsf-9FLUhMHLTEBStlYrmrjxp9UNgHg== expires Sat, 15 Jun 2024 17:00:09 GMT
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	180 B 1 KB	263ms 173ms	XHR application/json	2606:4700::6812:f46c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=22265125 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb017b11346c44f8c491900723c7095f74223487be55b56751064e8cc0034654 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id aa871d2d-b4b8-4461-b12f-36c6abf05304 content-encoding br x-envoy-upstream-service-time 8 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id aa871d2d-b4b8-4461-b12f-36c6abf05304 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.praetorian.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7kd4 access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeXvW2%2FIm4VFH2SzjLI1yZthYo8TDTFreVMCs%2BHm7ZHp6Jea%2Be8Babz14g%2F2sERamwGEjSYVvclkBhYc4lyz%2BVSlyi8Ue15jS6%2FpSgA2euzFmyJijqijmPBe7fd05Zu5qYvb4WNFI36kaQcG"}],"group":"cf-nel","max_age":604800} cf-ray 89441d5e6e71903a-FRA access-control-allow-headers *
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	48ms 48ms	Ping text/plain	216.239.32.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WG4YYDQ1NH&gtm=45je46c0v888757690za200zb859579073&_p=1718470803972&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=596358270.1718470807&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1718470807&sct=1&seg=1&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&dt=Page%20not%20found%20%7C%20Praetorian&en=page_view&_ee=1&_et=1754&tfd=8191&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.praetorian.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	preact-incoming-feedback.a4d7fb05a6657790bcf7.js Show response script.hotjar.com/	199 KB 45 KB	45ms 44ms	Script application/javascript	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/preact-incoming-feedback.a4d7fb05a6657790bcf7.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.db8890ba82a7e392473f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash 73046786c30c176b61049789a06ce4461655927faf28d1bab2aa9e4547949620 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 17 May 2024 10:05:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 2530502 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 45575 last-modified Fri, 17 May 2024 10:05:06 GMT etag "c5390e5a02f2d7b5e64eaac00a4e9e1a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id aAqfqTS_yuo5awSrHF3rxYxnjFlr7-6_RUBb24CFhtOXvrFih3Vu2w==
POST H2	200	/ Show response content.hotjar.io/	56 B 171 B	271ms 111ms	XHR application/json	34.250.195.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?site_id=2851712&gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.db8890ba82a7e392473f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.250.195.248 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-195-248.eu-west-1.compute.amazonaws.com Software / Resource Hash 4eb033db7f750717310536de3ca974c97dcfb1d52a0309c1eff446b41ae72394 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 15 Jun 2024 17:00:09 GMT content-length 56 access-control-max-age 86400 content-type application/json
GET H2	200	utsync.ashx Show response ml314.com/	62 B 254 B	61ms 59ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89211&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pv=1718470809379_bq8r617sw&bl=de-de&cb=3143292&return=&ht=&d=&dc=&si=1718470809379_bq8r617sw&cid=&s=1600x1200&rp=&v=2.7.3.180 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:09 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/javascript p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	120ms 40ms	Font font/woff2	13.32.27.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-107.fra56.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Origin https://www.praetorian.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 10 Sep 2023 20:18:44 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 24093685 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Fri, 08 Sep 2023 09:39:02 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id Gc-VyJErvvUmURNs_VnQYHAyY-wed0X5wVo2P9I1JCJT7oEvDPQ2ig==
GET H3	200	js Show response www.googletagmanager.com/gtag/	236 KB 84 KB	74ms 73ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-973478582 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash fc7235a7f855766d18b654b8900d47e6851ead4aeb000292e81d4b0668514d00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86224 x-xss-protection 0 last-modified Sat, 15 Jun 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jun 2024 17:00:09 GMT
GET H2	200	6si.min.js Show response j.6sc.co/	66 KB 18 KB	41ms 40ms	Script application/javascript	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: j.6sc.co URL: https://j.6sc.co/j/dc684754-1ecd-4a72-ab04-f7a433acb0dc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 09 May 2024 06:01:25 GMT server nginx/1.14.0 (Ubuntu) etag "663c66b5-106b3" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 18038 expires Sat, 15 Jun 2024 17:00:09 GMT
GET H2	200	getuidj Show response secure.adnxs.com/	11 B 701 B	215ms 57ms	XHR application/json	185.89.210.46 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:10 GMT an-x-request-uuid c00eb259-fa00-4740-8b0d-2d548e35ba83 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.praetorian.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.107; 80.255.7.107; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 11 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 195 B	53ms 42ms	XHR text/html	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:09 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://www.praetorian.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	20 B 312 B	203ms 42ms	XHR text/html	2a02:26f0:480:22::1726:62ed AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62ed Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:10 GMT vary Origin content-type text/html access-control-allow-origin https://www.praetorian.com cache-control max-age=0, no-cache, no-store 6si-ipv6 2a01:4a0:1338:92::11 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718470809964_389993773_10649351_26_727_39_94_219";dur=1 content-length 20 expires Sat, 15 Jun 2024 17:00:10 GMT
GET H2	200	details Show response epsilon.6sense.com/v3/company/	725 B 709 B	270ms 191ms	XHR application/json	76.223.9.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.9.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac3ff6aafb2cddae2.awsglobalaccelerator.com Software nginx / Resource Hash d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Token 1ffad50b911f399d96dcf54250c6d9827040e42f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 X-6s-CustomID WebTag dc684754-1ecd-4a72-ab04-f7a433acb0dc Referer https://www.praetorian.com/ sec-ch-ua-platform "Win32" Response headers x-trace-id 5427895077575623290 date Sat, 15 Jun 2024 17:00:10 GMT content-encoding gzip server nginx vary Origin, Accept-Encoding content-type application/json x-6si-region eu-central-1a access-control-allow-origin https://www.praetorian.com access-control-expose-headers X-6si-Region access-control-allow-credentials true timing-allow-origin https://6sense.com, https://www.ssga.com content-length 387
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	476ms 48ms	Preflight	76.223.9.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.9.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac3ff6aafb2cddae2.awsglobalaccelerator.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-6s-customid Access-Control-Request-Method GET Origin https://www.praetorian.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,x-6s-customid access-control-allow-methods OPTIONS,GET access-control-allow-origin https://www.praetorian.com access-control-expose-headers X-6si-Region access-control-max-age 1800 date Sat, 15 Jun 2024 17:00:10 GMT server nginx timing-allow-origin https://6sense.com, https://www.ssga.com x-6si-region eu-central-1a x-trace-id 8002332813791065864
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	184ms 137ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:10 GMT x-content-type-options nosniff last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:10 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	184ms 138ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:10 GMT x-content-type-options nosniff last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:10 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	183ms 137ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%222f9e661fff3e404e57be18fe99c7aead%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221ffad50b911f399d96dcf54250c6d9827040e42f%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22dc684754-1ecd-4a72-ab04-f7a433acb0dc%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:10 GMT x-content-type-options nosniff last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:10 GMT
GET H2	200	core js.driftt.com/ Frame 008D	0 0	236ms 149ms	Document text/html	18.245.86.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core?d=1&embedId=uet2c95y5w8r&eId=uet2c95y5w8r&region=US&forceShow=false&skipCampaigns=false&sessionId=5e91c70f-8b06-460e-b517-6ebef5226315&sessionStarted=1718470810.3&campaignRefreshToken=2d2ec71e-a260-4a12-b8e6-99595ca86362&hideController=false&pageLoadStartTime=1718470803948&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1718471100000/uet2c95y5w8r.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-14.fra60.r.cloudfront.net Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.praetorian.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Sat, 15 Jun 2024 17:00:10 GMT etag W/"5bb8e97d035f5bbf7dbcf6acec56024f" last-modified Thu, 30 May 2024 18:53:57 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront) x-amz-cf-id X99tTcvdDCd4VLy2cad1b_sZJzaldrzw_hbnI89qHqRFnOE4KTHqIQ== x-amz-cf-pop FRA60-P6 x-amz-server-side-encryption AES256 x-amz-version-id ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 23
GET H2	200	chat js.driftt.com/core/ Frame C435	0 0	228ms 145ms	Document text/html	18.245.86.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718470803948 Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1718471100000/uet2c95y5w8r.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-14.fra60.r.cloudfront.net Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.praetorian.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Sat, 15 Jun 2024 17:00:10 GMT etag W/"5bb8e97d035f5bbf7dbcf6acec56024f" last-modified Thu, 30 May 2024 18:53:57 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront) x-amz-cf-id Fl1SpAyEn374TQWYJOx0e-8d0hYw4TDAXK7Q_rfxHdJU4L_RCrXydg== x-amz-cf-pop FRA60-P6 x-amz-server-side-encryption AES256 x-amz-version-id ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 19
GET H3	200	zi-tag.js Show response js.zi-scripts.com/	9 KB 3 KB	240ms 89ms	Script application/javascript	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/zi-tag.js Requested by Host: www.praetorian.com URL: https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:10 GMT x-amz-version-id 4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et content-encoding gzip cf-cache-status DYNAMIC via 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 82790 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 15 May 2024 06:37:27 GMT server cloudflare etag W/"5c7228fc2640a4dfce48217428980fe3" vary Accept-Encoding content-type application/javascript cf-ray 89441d658892bf20-WAW x-amz-cf-id OUke-PW-kCWJ6JjaxfwHtp8JQE00oHPOihC7uz0siStVazQytvH0eQ==
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	318ms 177ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=22265125&ct=standard-page&pu=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&t=Page+not+found+%7C+Praetorian&cts=1718470810320&vi=c430492af03a720c76c2d2373b2404c3&nc=true&u=185921974.c430492af03a720c76c2d2373b2404c3.1718470810316.1718470810316.1718470810316.1&b=185921974.1.1718470810316&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 782f3966-8a88-46d9-87d2-7e3088cd537f p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 10 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 782f3966-8a88-46d9-87d2-7e3088cd537f server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMDyFvJEGGfrRiIAtl%2F1jqHtjG%2FHWFgBU9RynXydpa91JbA4%2F7MuiM26A1LoaK9LKJr1HqvncYcAyn8rLE6PigSdXyEQTpoWljiEqbbcpfl0s0Kl6vo4e44h%2FRbmfs4pYf9YicVhIJui%2FKyv6g1c"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-zw6hg x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 89441d6589dc9a05-FRA x-robots-tag none
GET H3	200	getSubscriptions Show response js.zi-scripts.com/unified/v1/master/	146 B 516 B	231ms 231ms	Fetch application/json	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6eedd7f449ceeb33c8c52ff94d9192f090909cf314055243a5ffe69b521ec67e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer d2849480311681745459 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Referer https://www.praetorian.com/ visited_url https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Response headers date Sat, 15 Jun 2024 17:00:11 GMT via 1.1 f85507efbbf0b1db5950fc09efe974e2.cloudfront.net (CloudFront) content-encoding gzip cf-cache-status DYNAMIC x-amz-cf-pop WAW51-P3 x-powered-by Express x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 apigw-requestid ZaxITj-mvHcEPiQ= server cloudflare etag W/"92-FMtrsSm/zlxXM307wdReEGSMLNg" content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cf-ray 89441d69cdf6bbb7-WAW x-amz-cf-id CWJ10MlBF8tle6FAC4HIV9SPDngs8BQ2roUJetaJx9SRqAw2YL9Iww==
OPTIONS H3	204	getSubscriptions js.zi-scripts.com/unified/v1/master/ Frame	0 0	587ms 531ms	Preflight	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,visited_url Access-Control-Request-Method GET Origin https://www.praetorian.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * access-control-max-age 0 alt-svc h3=":443"; ma=86400 apigw-requestid ZaxIRjEbvHcEPug= cf-cache-status DYNAMIC cf-ray 89441d667fcfbbb7-WAW date Sat, 15 Jun 2024 17:00:11 GMT server cloudflare vary Access-Control-Request-Headers via 1.1 688d904d987614fcef2b4de2a0607d0c.cloudfront.net (CloudFront) x-amz-cf-id LEHULi6N2Pt1b-JmmuGXIaVMlKuYUQZcYRW1n6OZ2TsI1m4OB5I5hg== x-amz-cf-pop WAW51-P3 x-cache Miss from cloudfront x-powered-by Express
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	163ms 117ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A09%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:11 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:11 GMT
GET H3	200	/ Show response ws.zoominfo.com/pixel/643d69ab01de62a7d084c0dd/	3 KB 2 KB	415ms 340ms	Fetch text/javascript	104.16.118.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/643d69ab01de62a7d084c0dd/?iszitag=true Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4f7808f9cc2cc225683ec06397cb807ca60aeb2177d63b5df108e06c0bc8c4fb Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/javascript visited-url https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Referer https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve _vtok ODAuMjU1LjcuMTA3 _zitok f86eab58ab8764c5442b1718470811 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:12 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin https://www.praetorian.com access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400 cf-ray 89441d6ec997c060-WAW
OPTIONS H3	200	/ ws.zoominfo.com/pixel/643d69ab01de62a7d084c0dd/ Frame	0 0	467ms 270ms	Preflight text/html	104.16.118.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/643d69ab01de62a7d084c0dd/?iszitag=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _vtok,_zitok,content-type,visited-url Access-Control-Request-Method GET Origin https://www.praetorian.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url access-control-allow-origin https://www.praetorian.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 89441d6c9f05bbe2-WAW content-encoding gzip content-type text/html; charset=utf-8 date Sat, 15 Jun 2024 17:00:11 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow
GET H2	200	cropped-Praetorian-Favicon-32x32.png www.praetorian.com/wp-content/uploads/2021/01/	1 KB 2 KB	306ms 102ms	Other image/png	146.148.61.165 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.praetorian.com/wp-content/uploads/2021/01/cropped-Praetorian-Favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 165.61.148.146.bc.googleusercontent.com Software nginx / Resource Hash 562f63e0d349529b85a7731c44f4890b86d4005bddd37a8a545a63898467fb38 Security Headers Name Value Content-Security-Policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/blog/refresh-compromising-f-big-ip-with-request-smuggling-cve Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 17:00:11 GMT content-security-policy frame-src 'self' online.fliphtml5.com app.hubspot.com player.vimeo.com boards.greenhouse.io www.praetorian.com *.google.com *.youtube.com *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com *.vimeo.com vars.hotjar.com mlb.praetorian.com js.driftt.com widget.drift.com; frame-ancestors 'none'; last-modified Wed, 29 May 2024 20:53:04 GMT server nginx etag "665795b0-580" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 1408
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	212ms 178ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A10%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:12 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:12 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	213ms 180ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=ni%3AmapCookie&q=%7B%22thirdPartyValues%22%3A%22%5B%7B%5C%22map%5C%22%3A%5C%22Hubspot%5C%22%2C%5C%22cookieName%5C%22%3A%5C%22hubspotutk%5C%22%2C%5C%22cookieValue%5C%22%3A%5C%22c430492af03a720c76c2d2373b2404c3%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:12 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:12 GMT
GET BLOB	200 OK	4caefac4-fec3-476d-8174-8a8ca865730a Show response https://www.praetorian.com/	3 KB 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.praetorian.com/4caefac4-fec3-476d-8174-8a8ca865730a Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4f7808f9cc2cc225683ec06397cb807ca60aeb2177d63b5df108e06c0bc8c4fb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 2932 Content-Type text/javascript
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	3532ms 3531ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A11%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:16 GMT x-content-type-options nosniff last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:16 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	2566ms 2566ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:16 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:16 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	2055ms 2054ms	Ping text/plain	216.239.32.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WG4YYDQ1NH&gtm=45je46c0v888757690za200zb859579073&_p=1718470803972&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=596358270.1718470807&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1718470807&sct=1&seg=1&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&dt=Page%20not%20found%20%7C%20Praetorian&en=detect_user&_ee=1&ep.event_category=Hotjar&ep.event_label=989e3c24&ep.non_interaction=true&_et=246&up.hjuid=989e3c24&tfd=13191&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:16 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.praetorian.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	1565ms 1564ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A13%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:16 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:16 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	565ms 565ms	Image image/gif	95.101.111.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=2f9e661fff3e404e57be18fe99c7aead&svisitor=null&visitor=1c3034b0-6bf6-4218-8128-641ea9bd9b3e&session=0fe6bfdd-7725-4d66-80d2-440d1dd9ae90&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2015%20Jun%202024%2017%3A00%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226007%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20Praetorian%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Frefresh-compromising-f-big-ip-with-request-smuggling-cve&pageViewId=e2c49493-0e58-4330-87f2-a1408056edcc&an_uid=0&webTagId=dc684754-1ecd-4a72-ab04-f7a433acb0dc&v=1.1.20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.praetorian.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 17:00:16 GMT x-content-type-options nosniff last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 15 Jun 2024 17:00:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtm.js?id=GTM-54H7Q6G