labs.watchtowr.com Open in urlscan Pro
2a04:4e42:200::775  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&e_ipv6=AQJvWZ4tf0zMQAAAAZMjSrSlqH_0_dTVy1DZHogev1DUg_BJdDVhNKiZX7Vfe97eOLyM6EkqlwRbeMesJOrbQEUf4_SM3w

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/	77 KB 25 KB	102ms 22ms	Document text/html	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 7aa9d909696b6f4b80f0f0e0aeb96633d250427cdb1b8678a191170c019182ea Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 46568 alt-svc clear cache-control public, max-age=0 content-encoding gzip content-length 24835 content-type text/html; charset=utf-8 date Wed, 13 Nov 2024 02:11:58 GMT etag W/"13429-u4CQq4QxomDKADZHZpl8BzaemaU" ghost-fastly true server openresty status 200 OK vary Cookie, Accept-Encoding via 1.1 varnish, 1.1 varnish, 1.1 varnish x-cache MISS, HIT, HIT x-cache-hits 0, 16, 0 x-request-id 5583c100-5998-444c-a589-7b62c9fcd3e8 x-served-by cache-ams21035-AMS, cache-ams21035-AMS, cache-fra-etou8220072-FRA x-timer S1731463918.309733,VS0,VE1
GET H2	200	css2 fonts.googleapis.com/	39 KB 3 KB	89ms 33ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&family=Inter:wght@400;500;600;700;800&display=swap Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4b9ee54747beb19126d4829f3bfc45823f5871c145a96256ee14d0000d35bd61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 13 Nov 2024 02:11:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:58 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 13 Nov 2024 01:30:37 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	screen.css labs.watchtowr.com/assets/built/	32 KB 7 KB	52ms 51ms	Stylesheet text/css	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/assets/built/screen.css?v=28e65f086b Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash c04c22ec20671d45136ecbb2c6c1729daecf3a089378842a926769966202c863 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id a73f4581-bc44-42a3-9918-35f60b706dbf content-encoding gzip etag W/"7f54-190396a44ad" age 55157 ghost-fastly true status 200 OK alt-svc clear x-cache MISS, MISS, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 21 Jun 2024 06:09:44 GMT vary Accept-Encoding x-cache-hits 0, 0, 0 content-type text/css; charset=UTF-8 x-served-by cache-ams21069-AMS, cache-ams21069-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.343567,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 6985 server openresty
GET H2	200	sodo-search.min.js Show response cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/	261 KB 82 KB	82ms 24ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/sodo-search.min.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bd88131fe7ee5d61e67c8d4e5672b93045bd823a57766a4ebbc989b1d8188d27 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers access-control-expose-headers * content-encoding br etag W/"4130f-caJJyahEf2MS4p/HWKHIWUAl2vw" age 19133 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-etou8220117-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 83038 x-jsd-version 1.5.0
GET H2	200	cards.min.js Show response labs.watchtowr.com/public/	6 KB 2 KB	26ms 23ms	Script application/javascript	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/public/cards.min.js?v=28e65f086b Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 7b257e1e81be5f3928d1fa0dc765a5d77eb818b61d72f940ee947dc955bbbb0b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id b1be8b30-6ca4-4559-950a-fe1a23679dba content-encoding gzip etag W/"143954965104cf254bf1a498449c6855" age 55157 ghost-fastly true status 200 OK alt-svc clear x-cache MISS, MISS, HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript x-served-by cache-ams2100109-AMS, cache-ams21043-AMS, cache-fra-etou8220072-FRA x-cache-hits 0, 0, 0 vary Accept-Encoding cache-control public, max-age=31536000 x-timer S1731463918.438755,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 1490 server openresty
GET H2	200	cards.min.css labs.watchtowr.com/public/	37 KB 6 KB	46ms 45ms	Stylesheet text/css	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/public/cards.min.css?v=28e65f086b Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 27c72000333080dee55d65b2323469fa581afe51ee0d5f0653454cc0af078b7e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id 844bb419-6c3b-41ad-bb00-6938661a11a1 content-encoding gzip etag W/"78a238818fe197705adc97c6ad901852" age 55157 ghost-fastly true status 200 OK alt-svc clear x-cache MISS, MISS, HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type text/css x-served-by cache-ams21030-AMS, cache-ams21030-AMS, cache-fra-etou8220072-FRA x-cache-hits 0, 0, 0 vary Accept-Encoding cache-control public, max-age=31536000 x-timer S1731463918.343519,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 6284 server openresty
GET H2	200	js Show response www.googletagmanager.com/gtag/	298 KB 102 KB	97ms 39ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q0QQGYH9DL Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ec68c73b11c89e6265baf98aaf73f8604d2fec2829a4471f8b019cc10b6165c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 13 Nov 2024 02:11:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 104128 x-xss-protection 0 server Google Tag Manager
GET H2	200	23785948.js Show response js-na1.hs-scripts.com/	2 KB 1010 B	84ms 33ms	Script application/javascript	2606:4700::6810:89d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/23785948.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e76a4925571cb547d8bffe0fa2d53df97c281d10b65b54bd3307ba161821b68c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers access-control-max-age 3600 content-encoding gzip cf-cache-status HIT age 994 x-content-type-options nosniff date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id 89139ad4-2988-4268-9474-f6db0c12821b content-type application/javascript;charset=utf-8 vary origin, Accept-Encoding last-modified Wed, 13 Nov 2024 01:55:24 GMT access-control-allow-credentials true cf-ray 8e1b3bf28fa5d3b5-FRA accept-ranges bytes access-control-allow-origin https://labs.watchtowr.com content-length 675 server cloudflare
GET H3	200	prism-tomorrow.min.css cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/	1 KB 1 KB	60ms 32ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/prism-tomorrow.min.css Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-1d8" age 453384 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMs2SET%2FSrf6dSE7OmLVXaKR1yZmhaGHriOgWdCpWhmYVhQyFpVxSWNY6qWyCoDCjgJ9uRG3zhkI40Tavcx53FlGEztI5E9ZPH1ylUzn3Ns9Ca8yVNhQ55xMKqh967j%2B%2BR7qX0BpsKfoUSyIoBUYSIFk"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type text/css; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf1de7765ac-FRA accept-ranges bytes access-control-allow-origin * content-length 472 server cloudflare
GET H2	200	watchTowr---Labs-White.svg labs.watchtowr.com/content/images/2022/04/	3 KB 2 KB	51ms 50ms	Image image/svg+xml	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/2022/04/watchTowr---Labs-White.svg Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 653dd026068639c920becd532cf32e17cab76ed6de3d821abfc7ba6c49b6ea64 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers ghost-age 0 x-request-id c2657e0e-9389-4067-ac87-0541392da2de content-encoding gzip etag W/"c1a-18078df92b7" age 1847339 ghost-fastly true ghost-cache MISS status 200 OK alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type image/svg+xml last-modified Sat, 30 Apr 2022 05:09:19 GMT x-served-by cache-ams21080-AMS, cache-ams21080-AMS, cache-fra-etou8220072-FRA x-cache-hits 0, 11, 0 vary Accept-Encoding cache-control public, max-age=31536000 x-timer S1731463918.343732,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 1192 server openresty
GET H2	200	citrix.png labs.watchtowr.com/content/images/size/w1200/2024/11/	124 KB 124 KB	23ms 23ms	Image image/png	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/size/w1200/2024/11/citrix.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash ac444d5018383fbb264575720c8f4b5191f4518074841ccf9a5abe24658c8d97 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id 497a0b2e-1069-4ce2-8046-8e8b84a0a7eb etag W/"1f027-1930b804195" age 399143 ghost-fastly true status 206 Partial Content alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 08 Nov 2024 11:19:35 GMT content-type image/png x-cache-hits 0, 19, 0 x-served-by cache-ams21054-AMS, cache-ams21054-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.343682,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 127015 server openresty
GET H3	200	spacer.png img.spacergif.org/v1/1986x1284/0a/	13 KB 1015 B	77ms 32ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.spacergif.org/v1/1986x1284/0a/spacer.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6992afbc6b3e84449c083e8e5d65b19ff90208ac209b38b33f3fb234423e222a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding gzip cf-cache-status HIT age 169 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPD1ENn45ffMN8qei0WFqHk8yDgpBimCo0i%2BO%2FybfOM7t%2FwFXOm2xMRd0AJ6uBtjg2kmSouD883CxJai%2BVIZ7IRPTUfX4X5z8G1FNYc7i%2BsnXLOQvTfM8M%2BrkZXFWkapTkIhoeGsQqFtzHJJqUfahQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23570&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4175&recv_bytes=4343&delivery_rate=131070&cwnd=12000&unsent_bytes=0&cid=5e91ce2f56295822&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 13 Nov 2024 02:11:58 GMT content-type image/png vary Accept-Encoding last-modified Wed, 13 Nov 2024 00:24:39 GMT priority u=2,i nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1b3bf23f9cd9d7-FRA accept-ranges bytes content-length 331 server cloudflare
GET H2	200	logo-white.svg labs.watchtowr.com/assets/images/	630 B 527 B	24ms 23ms	Image image/svg+xml	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/assets/images/logo-white.svg Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash ceaf8255e1258fa5e1e32c9dee6c940e0562695951c628f7415b9a93eb085e95 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers ghost-age 0 x-request-id 4f5d2cd9-d874-417c-b1d4-3754a7840937 content-encoding gzip etag W/"276-190396a44ef" age 1847339 ghost-fastly true ghost-cache MISS status 200 OK alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type image/svg+xml last-modified Fri, 21 Jun 2024 06:09:44 GMT x-cache-hits 0, 2, 0 x-served-by cache-ams2100107-AMS, cache-ams21064-AMS, cache-fra-etou8220072-FRA vary Accept-Encoding cache-control public, max-age=31536000 x-timer S1731463918.404839,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 356 server openresty
GET H2	200	main.min.js Show response labs.watchtowr.com/assets/built/	44 KB 16 KB	23ms 23ms	Script application/javascript	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/assets/built/main.min.js?v=28e65f086b Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 1fca19e97c3cbc726acc8d8e5ccb34aa99a0b6153054d724560a53c07a652397 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id 945816cd-ce02-4d02-9956-441bdd8100c1 content-encoding gzip etag W/"b10f-190396a44a4" age 55157 ghost-fastly true status 200 OK alt-svc clear x-cache MISS, MISS, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 21 Jun 2024 06:09:44 GMT vary Accept-Encoding x-cache-hits 0, 0, 0 content-type application/javascript; charset=UTF-8 x-served-by cache-ams2100098-AMS, cache-ams21065-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.430304,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 16326 server openresty
GET H3	200	prism-core.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	7 KB 3 KB	33ms 32ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-core.min.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2624d4f66cc5f171cd460896b106630f7666a1e638b42dd9ddefd0ca7758683 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-aff" age 451893 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmT5RyCmUouFylHtwzMfQcosy8IQ%2Boj7O3ANOBgGlftN8e6LIE38Rg0ArfZkRMsNHRUtBhrikutUYFO1RQpMDpDQ97Rj512I77sKsLUbdawN3ZPEdR9jyo7wRMOaCZOBuutsluMFzlzzi2Zb3N8aJ8wX"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf23e9965ac-FRA accept-ranges bytes access-control-allow-origin * content-length 2815 server cloudflare
GET H3	200	prism-autoloader.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/	6 KB 3 KB	35ms 32ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74beaf9148829f7d253d337d715ae6407a39510984c0332bc76a69024e088559 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-874" age 81106 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkWkuX%2Fudi%2BTGFncL%2B4zsSjvewSV%2BJo1xv5Y%2FyaopEGpJSAU%2BRLYqtxtvhbR5cxt%2FqnhYOf29jh3IXPmG4NQhfcqwfy4V%2FEWyoZr1hZrqVDvj09hv4pYeVDy8PxMxUcPJcsWnxEJjZK%2FIGa1e%2BRYxdnD"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf23e9a65ac-FRA accept-ranges bytes access-control-allow-origin * content-length 2164 server cloudflare
GET H2	200	factors.js Show response app.factors.ai/assets/v1/	35 KB 10 KB	125ms 40ms	Script text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.factors.ai/assets/v1/factors.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c3b08897d7bc9cdae528c71a79649eac9b212f1ef1a975802df916e21740ccd7 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "08e0c092e03248837ef8133f960fcfef5708b1716ab37161ce10d2904de01836-br" x-timer S1731463919.526508,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 9607 date Wed, 13 Nov 2024 02:11:58 GMT content-type text/javascript; charset=utf-8 last-modified Tue, 12 Nov 2024 06:10:13 GMT x-served-by cache-cph2320045-CPH x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H2	200	lftracker_v1_3P1w24do6zP7mY5n.js Show response sc.lfeeder.com/	31 KB 12 KB	124ms 28ms	Script application/javascript	2600:9000:2250:2200:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_3P1w24do6zP7mY5n.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2200:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9c076c44c2a65588a5171b190d29e39c5542fae2e2fa68550e830d5fb4b8dc65 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding br x-amz-version-id RQ3UJdvEZQqmBXWqo2sfKb3Y9TdoJpG3 etag W/"bd10e6330fa5c45a0c70765b74ddc6a5" age 2764 x-cache Hit from cloudfront x-amz-cf-id c-ptm6vXKWvDUh7vWA1bq2Dam1qNl2s4ZrgbNPaRR2MDswCgNi49Mg== date Wed, 13 Nov 2024 01:25:55 GMT content-type application/javascript vary accept-encoding, Origin last-modified Wed, 09 Oct 2024 07:33:36 GMT cache-control max-age=3600 cross-origin-resource-policy cross-origin via 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	hotjar-2950076.js Show response static.hotjar.com/c/	13 KB 6 KB	130ms 59ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2950076.js?sv=6 Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash 06d279053911af4d58d85503f078a327fc7d101b5c82bf7fae7ad432197a3786 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers strict-transport-security max-age=2592000; includeSubDomains cache-control max-age=60 content-encoding br etag W/1a397bcbeace7c3ca5d18bda638afa86 cross-origin-resource-policy cross-origin x-content-type-options nosniff x-cache-hit 1 via 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) access-control-allow-origin * x-cache RefreshHit from cloudfront x-amz-cf-id LghAGj4vvpEXeirGtB5PPfJCi3HjbfTfDeco8lSXSyt3T8OLAx5dZg== date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-amz-cf-pop FRA56-P2
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	130ms 39ms	Script application/javascript	2a02:26f0:3500:10::210:a9a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cache-control max-age=18247 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14628 date Wed, 13 Nov 2024 02:11:58 GMT last-modified Thu, 22 Aug 2024 10:43:55 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H2	200	sl.js Show response scout-cdn.salesloft.com/	6 KB 3 KB	113ms 33ms	Script application/javascript	2606:4700::6810:4769 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scout-cdn.salesloft.com/sl.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4769 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding br cf-cache-status HIT x-amz-version-id 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc etag W/"d74cc4825c8e333b2116da3fcc649db1" age 7012 x-content-type-options nosniff expires Wed, 13 Nov 2024 06:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript last-modified Mon, 13 Dec 2021 16:28:37 GMT vary Accept-Encoding x-frame-options SAMEORIGIN x-amz-id-2 iGS/wEfBYQzz9BTHMAlk8qk/iFUfXkSHYVdTLL4b3HT5zIQ6tGHCGugR5WcU5fsSCHafDh9J/w+XXXixyeK0w+MmBvYcc8kdm8I2T38M9pQ= strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=14400 x-amz-request-id C0N6J0EV3229BZRD cf-ray 8e1b3bf2c852918c-FRA access-control-allow-origin * server cloudflare
GET H2	200	citrix-xen-exploit-demo_thumb.jpg labs.watchtowr.com/content/media/2024/11/	55 KB 55 KB	23ms 23ms	Image image/jpeg	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/media/2024/11/citrix-xen-exploit-demo_thumb.jpg Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash b8ad421c774983fcb2b5140aad71429d2f60c90c6268faf1e9968b593a6fa565 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id af6e9945-fa20-4978-bf7a-ed587332197a etag W/"db30-1930b8ff371" age 398115 ghost-fastly true status 206 Partial Content alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 08 Nov 2024 11:36:43 GMT content-type image/jpeg x-cache-hits 0, 33, 0 x-served-by cache-ams2100089-AMS, cache-ams2100134-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.440745,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 56112 server openresty
GET H2	200	ABCFavorit-Light.woff2 labs.watchtowr.com/assets/fonts/	38 KB 38 KB	23ms 22ms	Font font/woff2	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/assets/fonts/ABCFavorit-Light.woff2 Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/assets/built/screen.css?v=28e65f086b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 274ba032d9071697b02e08b0833af8b4ed90b453740cdc11528b7e058bdb8f36 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer https://labs.watchtowr.com/assets/built/screen.css?v=28e65f086b Response headers ghost-age 0 x-request-id 26eddbd7-dcdc-4489-87d8-9d5d29d6e80f etag W/"9884-190396a44c0" age 1847192 ghost-fastly true ghost-cache MISS status 200 OK alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 21 Jun 2024 06:09:44 GMT content-type font/woff2 x-cache-hits 0, 13, 0 x-served-by cache-ams2100140-AMS, cache-ams2100140-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.468640,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 39044 server openresty
GET H2	200	image.png labs.watchtowr.com/content/images/2024/11/	97 KB 98 KB	25ms 24ms	Image image/png	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/2024/11/image.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 8bf17a55423f6ddb0e3c0eddf912d5f5b5bea5bdd97bf11876074876b89259ac Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id c42f5333-f8d0-432b-a416-a816768ac524 etag W/"1850e-1930b58513a" age 401760 ghost-fastly true status 206 Partial Content alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 08 Nov 2024 10:35:57 GMT content-type image/png x-cache-hits 0, 21, 0 x-served-by cache-ams2100097-AMS, cache-ams2100097-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.468637,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 99598 server openresty
GET H2	200	image-1.png labs.watchtowr.com/content/images/size/w1000/2024/11/	362 KB 363 KB	23ms 22ms	Image image/png	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/size/w1000/2024/11/image-1.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash fffbda1d2b462067ccb18a0715728b9582cd4c1da20c852adb9a9994815c98f4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id e5cdd1d4-57bf-4ad9-8440-f1bb3c62cee8 etag W/"5a99c-1930b6e5bbf" age 400316 ghost-fastly true status 206 Partial Content alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT last-modified Fri, 08 Nov 2024 11:00:02 GMT content-type image/png x-cache-hits 0, 14, 0 x-served-by cache-ams2100128-AMS, cache-ams21078-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.468753,VS0,VE0 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 371100 server openresty
GET H2	206	citrix-xen-exploit-demo.mp4 labs.watchtowr.com/content/media/2024/11/	129 KB 0	73ms 72ms	Media video/mp4	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/content/media/2024/11/citrix-xen-exploit-demo.mp4 Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash Request headers Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Range bytes=0- Response headers x-request-id 147b8c3d-78d5-4b45-885a-0e59f2292081 etag W/"386eba-1930b8ff274" age 254989 ghost-fastly true status 206 Partial Content alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:58 GMT content-type video/mp4 last-modified Fri, 08 Nov 2024 11:36:43 GMT x-cache-hits 0, 20, 1 x-served-by cache-ams2100136-AMS, cache-ams2100136-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463918.473669,VS0,VE3 Content-Range bytes 0-3698361/3698362 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes Content-Length 3698362 server openresty
GET H2	200	banner.js Show response js.hs-banner.com/v2/23785948/	71 KB 26 KB	217ms 140ms	Script text/javascript	2606:4700:4400::6812:28f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/23785948/banner.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/23785948.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eb36c3fefb9a7c641ed164932ff3a616cb60a0f5679702d89338491904b9c63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-evy-trace-virtual-host all access-control-max-age 604800 x-request-id bfa1f5f4-b2e1-468d-8f6c-79245913df42 access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing content-encoding gzip cf-cache-status REVALIDATED etag W/"efaf4c124c5391bb4cc3b6eb60e7277c" x-amz-version-id oLb5zGabbAxGj5mfNjTKaUd8Hg3eu1G9 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD expires Wed, 13 Nov 2024 02:16:58 GMT x-evy-trace-listener listener_https date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id bfa1f5f4-b2e1-468d-8f6c-79245913df42 content-type text/javascript; charset=UTF-8 last-modified Wed, 23 Oct 2024 01:59:11 GMT vary origin, Accept-Encoding x-amz-id-2 0SM8p4AmC7qne2XwrXQYXzoiWToQxCUmNBCe2QHeAb4mgB2qLSbRi8OQ3Ds59tXVZ86ILWX2+VSR/0EV49u8lA0kYegTu562 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id x-evy-trace-route-service-name envoyset-translator cache-control max-age=300,public timing-allow-origin * x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-4gzdf x-envoy-upstream-service-time 75 access-control-allow-credentials true x-amz-request-id VY9613DAKRWFB61Q cf-ray 8e1b3bf34f138fd7-FRA access-control-allow-origin https://labs.watchtowr.com x-evy-trace-route-configuration listener_https/all server cloudflare x-amz-server-side-encryption AES256
GET H2	200	conversations-embed.js Show response js.usemessages.com/	93 KB 26 KB	112ms 35ms	Script application/javascript	2606:4700::6810:4b8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/23785948.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4b8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-evy-trace-virtual-host all x-request-id 98232c0d-884a-48bb-baea-dda18aafe6e6 content-encoding gzip cf-cache-status HIT etag W/"437fb84b40fd41c605a366d14a984219" x-amz-version-id GnpHiVDEdERXJOUylwbQwpaNqjGhipG0 age 339 cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod x-content-type-options nosniff x-cache Hit from cloudfront x-hs-cache-status MISS x-amz-cf-id DAkQDK6ROwhuP1RZ8ggLCIW7Ljxew_Xm-95TpgLMQvje7W3BQH6eLA== date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id 98232c0d-884a-48bb-baea-dda18aafe6e6 content-type application/javascript; charset=utf-8 last-modified Thu, 31 Oct 2024 16:46:07 UTC vary accept-encoding x-evy-trace-listener listener_https x-amz-replication-status COMPLETED x-evy-trace-route-service-name envoyset-translator cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-86c46c9777-bx7vx x-envoy-upstream-service-time 5 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18525/bundles/project.js&cfRay=8e1b33aa6d77dc6c-FRA via 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront) cf-ray 8e1b3bf34eecd2f2-FRA x-evy-trace-route-configuration listener_https/all x-hs-target-asset conversations-embed/static-1.18525/bundles/project.js x-amz-cf-pop IAD12-P3 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	fb.js Show response js.hsadspixel.net/	7 KB 4 KB	114ms 38ms	Script application/javascript	2606:4700::6811:df98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/23785948.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0e5cca7823750ad9d1c48495c433aebe8e5a4e3bd9dc078cf7660131ad5b3da Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-evy-trace-virtual-host all x-request-id 62f6626c-17c6-4dae-a6f8-7f1039c28bff content-encoding gzip cf-cache-status HIT etag W/"69b91dcf08e47875fa4925bc5db2857e" x-amz-version-id aHJ0CBevFDYbQORnHYOJqWAHO3_yl8ej age 242 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod x-content-type-options nosniff x-cache Hit from cloudfront x-hs-cache-status HIT x-amz-cf-id M8QF2uZScxKxYwMLvZAOUws9vcujgnxqvkHxeJTkIwWwL5ToUnDm3w== date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id 62f6626c-17c6-4dae-a6f8-7f1039c28bff content-type application/javascript; charset=utf-8 last-modified Tue, 12 Nov 2024 14:16:41 UTC vary accept-encoding x-evy-trace-listener listener_https x-amz-replication-status COMPLETED x-evy-trace-route-service-name envoyset-translator cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-86c46c9777-5g8tg x-envoy-upstream-service-time 0 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.677/bundles/pixels-release.js&cfRay=8e1b3607ab93dc74-FRA via 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront) cf-ray 8e1b3bf34e15dbb5-FRA x-evy-trace-route-configuration listener_https/all x-hs-target-asset adsscriptloaderstatic/static-1.677/bundles/pixels-release.js x-amz-cf-pop IAD12-P3 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	23785948.js Show response js.hs-analytics.net/analytics/1731462900000/	68 KB 25 KB	205ms 147ms	Script text/javascript	2606:4700::6811:afc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1731462900000/23785948.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/23785948.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f13a582e4dd93e0b6e6f7147e788f5a3d679e22f57bf3d2814eb990f137a557 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-amz-server-side-encryption AES256 x-request-id 9ab637d1-4e27-42db-8c77-0284f6b841af content-encoding gzip cf-cache-status REVALIDATED etag W/"1b77e8761c7cef61885d26f25de82920" x-amz-version-id null expires Wed, 13 Nov 2024 02:16:58 GMT x-evy-trace-listener listener_https date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id 9ab637d1-4e27-42db-8c77-0284f6b841af content-type text/javascript last-modified Wed, 23 Oct 2024 01:59:14 GMT vary origin, Accept-Encoding x-amz-id-2 zziuyEhjiq3KPmxeo7VTfGFuoRINLbdpmXLg4HCzPdIU4dqHQ6ng0Br1PI52nUJYtxosRi8e/jfYeQOTu981yvvsqI67NPat x-evy-trace-route-service-name envoyset-translator cache-control max-age=300,public x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-t7hg7 x-envoy-upstream-service-time 28 access-control-allow-credentials false x-amz-request-id 3WRT4RT9823BWWJB cf-ray 8e1b3bf35c4cd27a-FRA x-evy-trace-route-configuration listener_https/all server cloudflare x-evy-trace-virtual-host all
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	94ms 34ms	Script application/javascript	2606:4700::6810:6efe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/23785948.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://labs.watchtowr.com Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-request-id 823f27ba-44d9-4949-88f5-41cf781f64ed content-encoding gzip cf-cache-status HIT x-amz-version-id _vUoUmuymk3IT7Uikz585Nn8PzBEJUsn etag W/"216a00fb66fa9b149d5f8b5557f0f563" age 506 cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-content-type-options nosniff x-cache Hit from cloudfront x-evy-trace-listener listener_https x-amz-cf-id MRGSr1JSkKUsJ3RPCwS_h1pgo4KXtA51j0vuyT-t1kgMRVPrsoPTeQ== x-hubspot-correlation-id 823f27ba-44d9-4949-88f5-41cf781f64ed content-type application/javascript; charset=utf-8 last-modified Mon, 14 Oct 2024 10:34:35 UTC x-amz-replication-status COMPLETED x-evy-trace-route-service-name envoyset-translator cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-86c46c9777-sdg4k x-envoy-upstream-service-time 5 x-hs-target-asset collected-forms-embed-js/static-1.885/bundles/project.js server cloudflare x-evy-trace-virtual-host all x-amz-server-side-encryption AES256 access-control-max-age 3000 access-control-allow-methods GET x-hs-cache-status MISS date Wed, 13 Nov 2024 02:11:58 GMT vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8e1b2f963992720a-FRA via 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront) cf-ray 8e1b3bf37ba8d2a2-FRA access-control-allow-origin * x-evy-trace-route-configuration listener_https/all x-amz-cf-pop IAD12-P3
GET H2	200	r Show response scout.salesloft.com/	41 B 359 B	413ms 129ms	XHR application/json	44.216.177.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTIzMjd9.VPRLDlVywXvamkHUrZOJN7rKvtF70sMZ21c4f5nxvn0 Requested by Host: scout-cdn.salesloft.com URL: https://scout-cdn.salesloft.com/sl.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 44.216.177.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-216-177-123.compute-1.amazonaws.com Software / Resource Hash 1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-request-id c3f97cc1d3ebcd953cee63e6c6a7fa50 access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://labs.watchtowr.com content-length 41 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/json; charset=utf-8
POST H2	200	get_info Show response api.factors.ai/sdk/	311 B 412 B	175ms 174ms	Fetch application/json	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/get_info Requested by Host: app.factors.ai URL: https://app.factors.ai/assets/v1/factors.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash 9b77332c16e0ab5867ac04ac0bb2d8cc40ade500e6c5e4b6a3c472dedf726819 Request headers Authorization fp50m8phd32g8y5reokdoan3w55o0nc3 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/json Response headers x-req-id csq0lri7ldpc73fuo670 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://labs.watchtowr.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 311 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/json; charset=utf-8 vary Origin
OPTIONS H2	204	get_info api.factors.ai/sdk/ Frame	0 0	252ms 170ms	Preflight	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/get_info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://labs.watchtowr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Length,Content-Type,Authorization,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Invalidate-Cache,Funnel-V2,Use-Filter-Opt-Profiles,Use-Filter-Opt-Events-Users access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin https://labs.watchtowr.com access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:58 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 google
GET H2	200	modules.6f60e575cf8ad7cb10f7.js Show response script.hotjar.com/	222 KB 55 KB	134ms 30ms	Script application/javascript	13.33.187.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2950076.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.187.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-187-19.fra60.r.cloudfront.net Software / Resource Hash f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-robots-tag none content-encoding br etag "56b1b49a4bdc4c874445907df778d045" age 733920 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 06kpUNKrdWRRxUcPbNwka4Mim0eMAjWWYB30jtzMxfFTxxf5V39mmA== date Mon, 04 Nov 2024 14:19:58 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 Nov 2024 14:19:24 GMT vary Accept-Encoding strict-transport-security max-age=2592000; includeSubDomains cache-control max-age=31536000 cross-origin-resource-policy cross-origin via 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 56128 x-amz-cf-pop FRA60-P9
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 814 B	273ms 189ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-li-pop afd-prod-ltx1-x content-encoding gzip x-fs-uuid 000626c1dbd16193c4342745d087e63d x-msedge-ref Ref A: 306901DAED7548B38BAD59FEEAC3E964 Ref B: FRAEDGE1720 Ref C: 2024-11-13T02:11:58Z x-li-fabric prod-ltx1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYmwdvRYZPENCdF0IfmPQ== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Wed, 13 Nov 2024 02:11:57 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-app... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-ap...	0 266 B	306ms 205ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&e_ipv6=AQJvWZ4tf0zMQAAAAZMjSrSlqH_0_dTVy1DZHogev1DUg_BJdDVhNKiZX7Vfe97eOLyM6EkqlwRbeMesJOrbQEUf4_SM3w Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers linkedin-action 1 x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 6D15AA9A41FF40A695DBB5950E450765 Ref B: AMS04EDGE3015 Ref C: 2024-11-13T02:11:58Z x-li-fabric prod-lor1 x-li-uuid AAYmwdvWKlHxLmkbyyQnSw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Wed, 13 Nov 2024 02:11:59 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lor1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3860676&time=1731463918568&url=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&e_ipv6=AQJvWZ4tf0zMQAAAAZMjSrSlqH_0_dTVy1DZHogev1DUg_BJdDVhNKiZX7Vfe97eOLyM6EkqlwRbeMesJOrbQEUf4_SM3w x-msedge-ref Ref A: AF6EE3FD88A64793A28E7EE9D705AF66 Ref B: FRAEDGE1318 Ref C: 2024-11-13T02:11:58Z x-li-fabric prod-lor1 x-li-uuid AAYmwdvRiZuFw1UHHiWTjw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Wed, 13 Nov 2024 02:11:57 GMT
GET H3	200	prism-clike.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	708 B 993 B	46ms 46ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-clike.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c76ba4e240932bdc75546be30e550f5ba5e13815ff71511c76e9e27ac3072444 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-17d" age 1292573 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rd0hmxtYgCaihyxmwd%2FDOiHpv1ZH%2FKZDq4aDerZy9zaXOPfkH25Q%2BTABHFHlqJwmMT5E6TvVVMjxGaFzRCucwJvCukLPEAvkmEP5t7Gu2eBoJHmF5eTVRKUMwsThh98P5PIm%2FzlKUXBNoxJqXmXlEq%2BC"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf37ad49a33-FRA accept-ranges bytes access-control-allow-origin * content-length 381 server cloudflare
GET H3	200	prism-markup.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	3 KB 2 KB	45ms 44ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-markup.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b30e7db46e8986969609678a52544ecab8400e9ec2c4f36fdfd9ebf70bae3126 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-3a3" age 21105423 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1u4yeDSovUliBHCAyKKD80NNGtGwr5b3p3cdSD4FK9E6yNXYnJ8Xl4qpD59M5lZnA6eEadZzljDPA38CFYbYMUMyPwyO3RvjdCguT%2BZ469X3FESi5hp4oNsCKDK8gHe614Bxj%2B%2BH7vTIO7O7e9zf8Q%2Fw"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf37ad59a33-FRA accept-ranges bytes access-control-allow-origin * content-length 931 server cloudflare
POST H2	204	collect region1.google-analytics.com/g/	0 0	96ms 30ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q0QQGYH9DL&gtm=45je4b70v877901959za200&_p=1731463918422&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077854&cid=1386467614.1731463919&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731463918&sct=1&seg=0&dl=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&dt=Visionaries%20Have%20Democratised%20Remote%20Network%20Access%20-%20Citrix%20Virtual%20Apps%20and%20Desktops%20(CVE%20Unknown)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=461 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q0QQGYH9DL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://labs.watchtowr.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:58 GMT content-type text/plain server Golfe2
GET H2	200	/ tr-rc.lfeeder.com/	43 B 337 B	157ms 73ms	Image image/gif	18.245.46.32 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr-rc.lfeeder.com/?sid=3P1w24do6zP7mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVEwUVFHWUg5REwiXSwiZ2FDbGllbnRJZHMiOlsiMTM4NjQ2NzYxNC4xNzMxNDYzOTE5Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjQuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9sYWJzLndhdGNodG93ci5jb20vdmlzaW9uYXJpZXMtYXQtY2l0cml4LWhhdmUtZGVtb2NyYXRpc2VkLXJlbW90ZS1uZXR3b3JrLWFjY2Vzcy1jaXRyaXgtdmlydHVhbC1hcHBzLWFuZC1kZXNrdG9wcy1jdmUtdW5rbm93bi8iLCJwYWdlVGl0bGUiOiJWaXNpb25hcmllcyBIYXZlIERlbW9jcmF0aXNlZCBSZW1vdGUgTmV0d29yayBBY2Nlc3MgLSBDaXRyaXggVmlydHVhbCBBcHBzIGFuZCBEZXNrdG9wcyAoQ1ZFIFVua25vd24pIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJhODRmOWY5MjJiMGQ0ZjA5Iiwic2NyaXB0SWQiOiIzUDF3MjRkbzZ6UDdtWTVuIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43ZTFlMjlkNTliMzk2MmI2LjE3MzE0NjM5MTg2OTMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-32.fra56.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cross-origin-resource-policy cross-origin via 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront) x-cache LambdaGeneratedResponse from cloudfront content-length 43 x-amz-cf-id OR0cuHepqbOtHFtEbu21UPqU4d_b0smGZSPtsNqPHHNnvEpfJiaCtA== date Wed, 13 Nov 2024 02:11:58 GMT content-type image/gif x-amz-cf-pop FRA56-P9 server CloudFront vary Origin
GET H3	200	prism-csharp.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	6 KB 3 KB	34ms 34ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-csharp.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4eca14394e584a4a3a747fe6dc0a93ddbc657880f7dbac3f8d119ccb206107e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-872" age 13137693 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaEgO4hBHswq%2FpcewE1pKzJ%2BJzNz7dlOgHKsV9ApqWTX2FNBc2IJR2l24ZLYxM8UmEQgyXLgdDh7J3%2FZAxTjoJxvYCtIBILDohqIfhRZmQEc7RZiab8cKn8TC6c6kPTAY6JYIWHNynD6TFJjqqUOqJUH"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf42ae89a33-FRA accept-ranges bytes access-control-allow-origin * content-length 2162 server cloudflare
GET H3	200	prism-javascript.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	5 KB 2 KB	34ms 34ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-javascript.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0345ea83e12b7b974e953c79a64dea35a40308309449db70b82020fb688ac321 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-5a9" age 1121451 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJ20mGSDL75Bpxwtts3h62OG%2FlvUQqhcTQ%2Fzv0jPzbLOP%2BiXrg1in%2FS5wUH2Cf5ZD%2Bo%2BiZ0Vg4AheFnatipyICExuenKsP9f3qOaNdAsyKKtf1z2VSr%2BYclHkQ4YW91hHIp5XvuWZq%2BV%2FFRWkgKJNjQ3"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf42ae99a33-FRA accept-ranges bytes access-control-allow-origin * content-length 1449 server cloudflare
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	136 B 402 B	130ms 128ms	XHR application/json	2606:4700::6810:6efe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23785948&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1102619929d461c761d302e6023c47c0e8440f2c1e6215cced390867bd868e09 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-robots-tag none access-control-max-age 180 x-request-id 5a4bf023-f34f-4be8-9722-358e2094ce3e content-encoding br cf-cache-status DYNAMIC access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-content-type-options nosniff x-evy-trace-listener listener_https date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id 5a4bf023-f34f-4be8-9722-358e2094ce3e content-type application/json;charset=utf-8 vary Accept-Encoding access-control-allow-headers * x-evy-trace-route-service-name envoyset-translator cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-86c46c9777-sdg4k x-envoy-upstream-service-time 10 cf-ray 8e1b3bf42cbcd2a2-FRA access-control-allow-origin https://labs.watchtowr.com x-evy-trace-route-configuration listener_https/all server cloudflare x-evy-trace-virtual-host all
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	114 B 798 B	184ms 132ms	XHR application/json	2606:4700::6812:f06c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=23785948 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6197ceff1122e8aa36a89d3554018d665b3ee7efb485588565c53cf9995654ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers access-control-max-age 180 content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LC2gnjfcdT8166s4q64FXG1W3xY0BLHKbeKbNGNtwXx8L3vpCPAZy8pO73ZC998SSZpsG1GDnIAZNd6u59IUVnm%2FvLD5m00V84gr1NEYBVvY4KHB1jc1okkQ%2FbOM3MnQUcYdr0%2B%2FJv9Idixl"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-content-type-options nosniff date Wed, 13 Nov 2024 02:11:58 GMT x-hubspot-correlation-id c7f8dbf7-915f-481c-806d-66da4e93064d content-type application/json;charset=utf-8 vary origin, Accept-Encoding access-control-allow-headers * strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} access-control-allow-credentials false cf-ray 8e1b3bf48e85dbad-FRA access-control-allow-origin https://labs.watchtowr.com server cloudflare
GET H3	200	prism-jsx.min.js Show response cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/	2 KB 1 KB	37ms 37ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-jsx.min.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c8b80e4d98f6813ef95fd0e7ae2862cc0804ec305e0ad1f99c0a4bb7c28f865 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "625c25f1-370" age 936859 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BK7SmYzX%2FVbRDioDi%2FFoiyvMGmAsScToHaNnjOBB5BQVzODmYEqgWSYBIg8Q%2BwC7r460S4HxW9aGX32t9GADN4BjY6o8%2Bw2ggBaiwnRzzwncOw2YGSlSpeYU7fhXNySlhyQE8iQXeeNcsqMQNdC9ZsHV"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 03 Nov 2025 02:11:58 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 02:11:58 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 17 Apr 2022 14:36:33 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e1b3bf48af99a33-FRA accept-ranges bytes access-control-allow-origin * content-length 880 server cloudflare
GET H2	200	public Show response api.hubspot.com/livechat-public/v1/message/	369 B 979 B	414ms 413ms	XHR application/json	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=23785948&conversations-embed=static-1.18525&mobile=false&messagesUtk=7db8cf95e4a94e8986491ef42e1731cc&traceId=7db8cf95e4a94e8986491ef42e1731cc Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10d318ced1bd0693638282732155daa8597d349b522f90d4859dceff640d0747 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 X-HubSpot-Messages-Uri https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXVftXYhBQ6DLVlK%2BbfTtT33DBWQ2pdghIvLilhVYmr235hs6upijGRjvwdOOcGYYByHP381T6BEXCFHaYqkw86DZNwqDIP%2FiSzaRZafmE0MpdI%2Fv3dkDCR0AU4utGnfSXZSAV05pB%2FLUI2WQw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-content-type-options nosniff date Wed, 13 Nov 2024 02:11:59 GMT x-hubspot-correlation-id 4cde8b09-33fa-433d-8e2f-4502a2864aec content-type application/json;charset=utf-8 vary origin, Accept-Encoding access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} access-control-allow-credentials false cf-ray 8e1b3bf61fc891e4-FRA access-control-allow-origin https://labs.watchtowr.com content-length 275 server cloudflare
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/ Frame	0 0	206ms 158ms	Preflight text/plain	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=23785948&conversations-embed=static-1.18525&mobile=false&messagesUtk=7db8cf95e4a94e8986491ef42e1731cc&traceId=7db8cf95e4a94e8986491ef42e1731cc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://labs.watchtowr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://labs.watchtowr.com allow HEAD,GET,OPTIONS cf-cache-status DYNAMIC cf-ray 8e1b3bf51f7691e4-FRA content-length 18 content-type text/plain; charset=utf-8 date Wed, 13 Nov 2024 02:11:59 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qxs0sxxduvwEftZ2HZgTSIwdF1etx7A1Yjs8OsAqDRe20UP6dBi7ybLn4I%2BQJF4B0XHLN59oOqhxxg3Zm5cOCnUlk4gVRJMFHlFnMhjL6kDFnW%2BEkBMPHpYrC3Rsnte6UxN8nz6YWUXB4QIH8g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding x-content-type-options nosniff x-hubspot-correlation-id e7a9e4aa-3e3b-46a7-b35c-8658d692a661
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 197 B	214ms 212ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 47BD6A63053745CEA316981F7E40A5C6 Ref B: FRAEDGE1318 Ref C: 2024-11-13T02:11:58Z x-li-fabric prod-lor1 access-control-allow-credentials true x-li-uuid AAYmwdvVx9e4lRiMRYSEAA== x-li-proto http/2 access-control-allow-origin https://labs.watchtowr.com x-cache CONFIG_NOCACHE date Wed, 13 Nov 2024 02:11:58 GMT vary Origin
GET H2	200	i Show response scout.salesloft.com/	48 B 467 B	122ms 121ms	XHR application/json	44.216.177.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/i Requested by Host: scout-cdn.salesloft.com URL: https://scout-cdn.salesloft.com/sl.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 44.216.177.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-216-177-123.compute-1.amazonaws.com Software / Resource Hash 2372d17ec58e491dc52547b591504ca00f557c7046bed98cc3629c19a1531849 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-request-id 77012560e593fe29323c9957d9a97a26 access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://labs.watchtowr.com content-length 48 date Wed, 13 Nov 2024 02:11:59 GMT content-type application/json; charset=utf-8
OPTIONS H3	204	track api.factors.ai/sdk/event/ Frame	0 0	175ms 174ms	Preflight	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/event/track Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://labs.watchtowr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Length,Content-Type,Authorization,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Invalidate-Cache,Funnel-V2,Use-Filter-Opt-Profiles,Use-Filter-Opt-Events-Users access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin https://labs.watchtowr.com access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:59 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 google
POST H3	200	track Show response api.factors.ai/sdk/event/	96 B 113 B	178ms 177ms	Fetch application/json	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/event/track Requested by Host: app.factors.ai URL: https://app.factors.ai/assets/v1/factors.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash 2592393df6f2de0dae2958b0ce54fb63a444956cb557483913de9a6cab82c819 Request headers Authorization fp50m8phd32g8y5reokdoan3w55o0nc3 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/json Response headers x-req-id csq0lrsd0pjs739786gg access-control-allow-credentials true via 1.1 google access-control-allow-origin https://labs.watchtowr.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 96 date Wed, 13 Nov 2024 02:11:59 GMT content-type application/json; charset=utf-8 vary Origin
OPTIONS H3	204	add_properties api.factors.ai/sdk/user/ Frame	0 0	173ms 173ms	Preflight	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/user/add_properties Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://labs.watchtowr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Length,Content-Type,Authorization,Access-Control-Allow-Headers,Access-Control-Allow-Origin,Invalidate-Cache,Funnel-V2,Use-Filter-Opt-Profiles,Use-Filter-Opt-Events-Users access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin https://labs.watchtowr.com access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 02:11:59 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 google
POST H3	200	add_properties Show response api.factors.ai/sdk/user/	49 B 65 B	177ms 177ms	Fetch application/json	34.160.69.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.factors.ai/sdk/user/add_properties Requested by Host: app.factors.ai URL: https://app.factors.ai/assets/v1/factors.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.69.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.69.160.34.bc.googleusercontent.com Software / Resource Hash d77e82654b78a6f97d3b45cacbca5901b92394f5489aed5de07fab2d0efc2015 Request headers Authorization fp50m8phd32g8y5reokdoan3w55o0nc3 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/json Response headers x-req-id csq0lru52kbs73bn4fr0 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://labs.watchtowr.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49 date Wed, 13 Nov 2024 02:11:59 GMT content-type application/json; charset=utf-8 vary Origin
GET H2	200	yl8vfv7j Show response widget.intercom.io/widget/	7 KB 3 KB	99ms 34ms	Script application/javascript	13.224.189.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/yl8vfv7j Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-49.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ee0cfba0faa34fce2ccdccccf563454a220b243e7de0850e516a91f69a29f8c2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers content-encoding gzip x-amz-version-id ZS0xuZPuaN2fI3mLpAbZ4O23yyKj5qmK etag "77d207eb2eb2a3e1420588cdbd7db424" age 106 alt-svc h3=":443"; ma=86400 x-cache Error from cloudfront x-amz-cf-id pkWDx-s0CN1r0eugZM8oec2C-9d96n_Z2fO4IukGk9NBQ_2F_61pKQ== date Wed, 13 Nov 2024 02:10:19 GMT content-type application/javascript; charset=UTF-8 vary accept-encoding, Origin last-modified Tue, 12 Nov 2024 14:12:51 GMT cache-control max-age=300, s-maxage=300, public cross-origin-resource-policy cross-origin via 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront) accept-ranges bytes content-length 2666 x-amz-cf-pop FRA2-C1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	201ms 142ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=23785948&rcu=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&pu=https%3A%2F%2Flabs.watchtowr.com%2Fvisionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown%2F&t=Visionaries+Have+Democratised+Remote+Network+Access+-+Citrix+Virtual+Apps+and+Desktops+(CVE+Unknown)&cts=1731463919165&vi=7a6dca635ac2c54ddcf026acd08814bf&nc=true&u=64999280.7a6dca635ac2c54ddcf026acd08814bf.1731463919162.1731463919162.1731463919162.1&b=64999280.1.1731463919162&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers x-robots-tag none x-request-id fd610b69-0480-41e3-a9f4-674ea0e7111d cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYmSAwGzw9RmHarqKy5DSLp12HwAskjuj0HqlYDEJpnlq%2FqDsmOgZCse008hTopCAKQIqqBlcw8JW3MaezwEaVcRujDxnR6si51oiIJzzrCKjCxmanUkEneVuexr5JKa7HGOAK2RRY%2Ffujjd2HlI"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff x-evy-trace-listener listener_https p3p CP="NOI CUR ADM OUR NOR STA NID" date Wed, 13 Nov 2024 02:11:59 GMT x-hubspot-correlation-id fd610b69-0480-41e3-a9f4-674ea0e7111d content-type image/gif vary origin, Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator cache-control no-cache, no-store, no-transform nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-2kdfd x-envoy-upstream-service-time 8 access-control-allow-credentials false cf-ray 8e1b3bf73e9c1965-FRA x-evy-trace-route-configuration listener_https/all content-length 45 server cloudflare x-evy-trace-virtual-host all
GET H2	200	Logo.png labs.watchtowr.com/content/images/size/w256h256/2022/05/	3 KB 3 KB	25ms 25ms	Other image/png	2a04:4e42:200::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/content/images/size/w256h256/2022/05/Logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash dba1c596f2785886e854da7993f9e62f17831524432311f1776631ca100ae9f6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/ Response headers ghost-age 0 x-request-id f54fde05-57aa-43b6-80df-cf40f85bb137 etag W/"c7f-185e7b6bafe" age 1381515 ghost-fastly true ghost-cache MISS status 200 OK alt-svc clear x-cache MISS, HIT, HIT date Wed, 13 Nov 2024 02:11:59 GMT content-type image/png last-modified Wed, 25 Jan 2023 06:56:30 GMT x-cache-hits 0, 2, 0 x-served-by cache-ams21075-AMS, cache-ams21075-AMS, cache-fra-etou8220072-FRA cache-control public, max-age=31536000 x-timer S1731463919.179579,VS0,VE1 via 1.1 varnish, 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 3199 server openresty
GET H2	200	frame-modern.4ea64da0.js Show response js.intercomcdn.com/ Frame B382	471 KB 142 KB	173ms 102ms	Script application/javascript	18.245.46.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.4ea64da0.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/yl8vfv7j Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-55.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c65b2bb064e872a06e7f44933ba6a7ad353f2980668d8a98a87fb7293adb897d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-amz-version-id IPaFPxjzhMWeS6UnDXfAwwlbZ5z7LD25 etag "aff0b8bb4d9d823c40dd7f3f5018e36d" age 7146 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id UhhQMhpEmpgTpiOB6T_nMLa6ty302JxYPzP-7t4J3Mp0w1r1Z_78aQ== date Wed, 13 Nov 2024 00:12:54 GMT content-type application/javascript; charset=UTF-8 vary accept-encoding last-modified Tue, 12 Nov 2024 14:10:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31536000, s-maxage=7200, public cross-origin-resource-policy cross-origin via 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront) accept-ranges bytes content-length 144892 x-amz-cf-pop FRA56-P9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	vendor-modern.5c288613.js Show response js.intercomcdn.com/ Frame B382	456 KB 145 KB	104ms 33ms	Script application/javascript	18.245.46.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.5c288613.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/yl8vfv7j Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-55.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-amz-version-id HvxRIHBvLqTHFLAz2VL0MrHlEtVasE_f etag "cfcbe890471af67f5140f9f36766a673" age 4768 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id jIGY6A95vQ1rpYDJUZFvWTQAk-U1npipez_sULa1ZHDI6hTSdwbePw== date Wed, 13 Nov 2024 02:08:45 GMT content-type application/javascript; charset=UTF-8 vary accept-encoding last-modified Tue, 12 Nov 2024 14:10:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31536000, s-maxage=7200, public cross-origin-resource-policy cross-origin via 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront) accept-ranges bytes content-length 147369 x-amz-cf-pop FRA56-P9 server AmazonS3 x-amz-server-side-encryption AES256
POST H2	200	launcher_settings Show response api-iam.intercom.io/messenger/web/ Frame B382	241 B 901 B	495ms 160ms	XHR application/json	52.71.139.90 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/launcher_settings Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.4ea64da0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.71.139.90 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-139-90.compute-1.amazonaws.com Software nginx / Resource Hash a187098be67c000d5c1446a21cb966ecdaf31c7e655380892bb9f2d1143c6ba8 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer Response headers x-request-id 000dpj07b2ak6ejqi63g access-control-expose-headers x-request-id content-encoding gzip etag W/"a187098be67c000d5c1446a21cb966ec" access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff status 200 OK date Wed, 13 Nov 2024 02:11:59 GMT content-type application/json; charset=utf-8 vary Accept,Accept-Encoding x-runtime 0.035300 access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN strict-transport-security max-age=31556952; includeSubDomains; preload x-request-queueing 0 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-origin https://labs.watchtowr.com x-xss-protection 1; mode=block x-intercom-version f5dbe87ec5cb4d1cfa913c877820a058663af6fa x-ami-version ami-0d82ec08b45e6923b server nginx
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame B382	4 KB 2 KB	716ms 382ms	XHR application/json	52.71.139.90 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.4ea64da0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.71.139.90 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-139-90.compute-1.amazonaws.com Software nginx / Resource Hash 128f4118fb83eb4172292d0eb517ed6e8e4ffbfb13c55f3885057de036926426 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer Response headers x-request-id 000dia3330jmh65qd8g0 access-control-expose-headers x-request-id content-encoding gzip etag W/"128f4118fb83eb4172292d0eb517ed6e" access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff status 200 OK date Wed, 13 Nov 2024 02:12:00 GMT content-type application/json; charset=utf-8 vary Accept,Accept-Encoding x-runtime 0.255923 access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN strict-transport-security max-age=31556952; includeSubDomains; preload x-request-queueing 0 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-origin https://labs.watchtowr.com x-xss-protection 1; mode=block x-intercom-version f5dbe87ec5cb4d1cfa913c877820a058663af6fa x-ami-version ami-0d82ec08b45e6923b server nginx