urlscan.io logo urlscan.io
SecurityTrails logo

www.horizon3.ai Open in urlscan Pro
104.197.16.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Submission: On March 28 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 20 domains to perform 127 HTTP transactions. The main IP is 104.197.16.226, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.horizon3.ai.
TLS certificate: Issued by R3 on February 27th 2024. Valid for: 3 months.
This is the only time www.horizon3.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.197.16.226 396982 (GOOGLE-CL...)
81 169.150.247.37 60068 (CDN77 _)
1 54.145.71.72 14618 (AMAZON-AES)
4 104.16.88.20 13335 (CLOUDFLAR...)
2 151.101.2.137 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
3 216.58.206.72 15169 (GOOGLE)
2 34.117.77.79 396982 (GOOGLE-CL...)
1 104.16.137.15 13335 (CLOUDFLAR...)
3 151.101.193.140 54113 (FASTLY)
2 3.215.172.219 14618 (AMAZON-AES)
1 2.21.20.141 20940 (AKAMAI-ASN1)
1 104.26.12.152 13335 (CLOUDFLAR...)
3 34.120.220.80 396982 (GOOGLE-CL...)
1 216.239.34.36 15169 (GOOGLE)
1 142.251.168.156 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
3 5 13.107.42.14 8068 (MICROSOFT...)
7 172.217.23.99 15169 (GOOGLE)
2 172.67.68.196 13335 (CLOUDFLAR...)
1 34.237.219.119 14618 (AMAZON-AES)
127 21
7    104.197.16.226 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.16.197.104.bc.googleusercontent.com
www.horizon3.ai
81    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-37.bunnyinfra.net
p7i3u3x3.rocketcdn.me
1    54.145.71.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-71-72.compute-1.amazonaws.com
boards.greenhouse.io
4    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net
www.googletagmanager.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    104.16.137.15 (None, )

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
3    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com
pi.pardot.com
1    2.21.20.141 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-141.deploy.static.akamaitechnologies.com
snap.licdn.com
1    104.26.12.152 (None, )

ASN13335 (CLOUDFLARENET, US)
io.clickguard.com
3    34.120.220.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.220.120.34.bc.googleusercontent.com
cdn.dreamdata.cloud
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    142.251.168.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.google.it
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
7    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
2    172.67.68.196 (United States)

ASN13335 (CLOUDFLARENET, US)
pulse.clickguard.com
1    34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com
go.horizon3.ai
Apex Domain
Subdomains		 Transfer
81 rocketcdn.me
p7i3u3x3.rocketcdn.me
2 MB
8 horizon3.ai
www.horizon3.ai
go.horizon3.ai
209 KB
7 gstatic.com
fonts.gstatic.com
192 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 574
3 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
22 KB
3 dreamdata.cloud
cdn.dreamdata.cloud — Cisco Umbrella Rank: 50662
43 KB
3 clickguard.com
io.clickguard.com — Cisco Umbrella Rank: 58514
pulse.clickguard.com — Cisco Umbrella Rank: 50286
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
280 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 5152
4 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1243
10 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1890
11 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 744
132 KB
1 google.it
www.google.it — Cisco Umbrella Rank: 25495
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
245 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2655
245 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1363
637 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 814
17 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4585
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 234
17 KB
1 greenhouse.io
boards.greenhouse.io — Cisco Umbrella Rank: 46289
2 KB
127 20
Domain Requested by
81 p7i3u3x3.rocketcdn.me www.horizon3.ai
7 fonts.gstatic.com www.horizon3.ai
7 www.horizon3.ai www.horizon3.ai
p7i3u3x3.rocketcdn.me
4 px.ads.linkedin.com 2 redirects www.horizon3.ai
snap.licdn.com
4 cdn.jsdelivr.net www.horizon3.ai
3 cdn.dreamdata.cloud www.horizon3.ai
cdn.dreamdata.cloud
3 www.googletagmanager.com www.horizon3.ai
www.googletagmanager.com
2 pulse.clickguard.com io.clickguard.com
2 pi.pardot.com www.horizon3.ai
pi.pardot.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 ml314.com www.horizon3.ai
ml314.com
2 code.jquery.com www.horizon3.ai
1 go.horizon3.ai pi.pardot.com
1 www.linkedin.com 1 redirects
1 www.google.it www.horizon3.ai
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 alb.reddit.com www.horizon3.ai
1 io.clickguard.com www.googletagmanager.com
1 snap.licdn.com www.horizon3.ai
1 ws.zoominfo.com www.horizon3.ai
1 cdnjs.cloudflare.com www.horizon3.ai
1 boards.greenhouse.io www.horizon3.ai
127 23
Subject Issuer Validity Valid
www.horizon3.ai
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
*.rocketcdn.me
R3		 2024-02-26 -
2024-05-26		 3 months crt.sh
*.greenhouse.io
R3		 2024-03-26 -
2024-06-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2024-02-28 -
2024-05-28		 3 months crt.sh
zoominfo.com
E1		 2024-03-22 -
2024-06-20		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
clickguard.com
GTS CA 1P5		 2024-03-14 -
2024-06-12		 3 months crt.sh
cdn.dreamdata.cloud
GTS CA 1D4		 2024-03-05 -
2024-06-03		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.it
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
go.horizon3.ai
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Frame ID: 8AA12F63AE1D0587073DC3A459F5E758
Requests: 126 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive – Horizon3.ai

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

127
Requests

99 %
HTTPS

0 %
IPv6

20
Domains

23
Subdomains

21
IPs

3
Countries

2762 kB
Transfer

6579 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3527860%26time%3D1711625090702%26li_adsId%3De30ca2d5-ed9c-4033-8acc-cdc296c49d3a%26url%3Dhttps%253A%252F%252Fwww.horizon3.ai%252Fattack-research%252Fattack-blogs%252Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&cookiesTest=true&liSync=true

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/ 		527 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
d0b9c02e0fdd00362d1e6133987c4a2ea7480d82e77cd3b0218eb2490c523324
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 11:24:49 GMT
last-modified
Thu, 21 Mar 2024 11:33:59 GMT
link
<https://www.horizon3.ai/wp-json/>; rel="https://api.w.org/" <https://www.horizon3.ai/wp-json/wp/v2/posts/243612>; rel="alternate"; type="application/json" <https://www.horizon3.ai/?p=243612>; rel=shortlink
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 10
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-tec-api-origin
https://www.horizon3.ai
x-tec-api-root
https://www.horizon3.ai/wp-json/tribe/events/v1/
x-tec-api-version
v1
x-xss-protection
"1; mode=block"
style.min.css
p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/ 		108 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Feb 2024 01:54:50 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65c97a6a-1ae43"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ba1918f83a6436e40e1f13d6cbbd7b1e
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3>; rel="canonical"
cdn-requestpullsuccess
True
aiwp-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/ 		98 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-62"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2f00696dba4cd4f2ee8212777444ae39
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0>; rel="canonical"
cdn-requestpullsuccess
True
cookie-law-info-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:58:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed13c0-c22"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
56576f98e3d81a933108306424128ca8
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0>; rel="canonical"
cdn-requestpullsuccess
True
cookie-law-info-gdpr.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:58:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed13c0-6a71"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
91a2c89aed8784be22c1e15a21c6572f
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0>; rel="canonical"
cdn-requestpullsuccess
True
et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/ 		81 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css?ver=1711381817
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e6534a769471e824a06b36c6d6c78a3e0320936a297296957af2846551c1940
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Mar 2024 17:24:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fc6d51-14491"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
675665a31f805df1a79eedcf942f2dcb
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css?ver=1711041870>; rel="canonical"
cdn-requestpullsuccess
True
et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612.css?ver=1711381817
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
79c7c7d8bb9cb3344e99e530f4214ade141abec660e2e7e2975fa6869b7e2e36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Mar 2024 17:24:30 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fc6d4e-e3df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ff60e2285f2f275e8a6d0835581a7de6
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612.css?ver=1711041870>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/ 		77 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.6.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
99a06f6e8a4318c67b4b5549cb2401c2be69be7503f1c766bf42e58cba6fbd4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Feb 2024 02:00:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65c97bc2-1352c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6cdf1901b9f549d87604d07c43eddef0
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.6.1>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-1196f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
05979c580d49d492dcbdae59d12e124d
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/ 		80 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-140f1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ad09d2c921e7cd4e0f2dcf426a7ee317
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/ 		86 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
nginx
etag
W/"65fb3d24-15755"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/ 		421 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d0606dcbe3bc47a9ff10d8bc52b0042c2040bed75c8382bcb534230aea248d3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-69547"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
44e0cc2db4d66bde02fe32ce6f357118
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/ 		86 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.2.8
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
nginx
etag
W/"65fb3d24-15755"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
magnific_popup.css
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-1946"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
319cfb9e346942fc860d6ddcedcc9dc8
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
swiper.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-5865"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8cf0e31e1ea1adc67426d2e644f8f511
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
popup.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-1389"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7f82a311b1fd44ae4a65b61df327dc38
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
animate.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		83 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-14d7b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2c1ea3ca6e51598d492519ad4f5162b3
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
readmore.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-6bd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
71c99d92c112e2ddc761ca1905a513c2
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.95>; rel="canonical"
cdn-requestpullsuccess
True
jquery.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8f21ed3d18e7e14ac492e6dd8ffe0957
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6482bd64-3509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
36983f1ebbe43b245e05f751c7d12667
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
aiwp-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/ 		913 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-391"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a8541d096d337394f7f8af11112d0c02
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
cookie-law-info-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:58:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed13c0-8583"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7af5c17c15bfee98802e8021c22d60fe
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/ 		486 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.9
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Dec 2023 18:17:30 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65808cba-1e6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
4082dea9272ee32185905f50f4f81a63
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.9>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
divi-filter-loadmore.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.6.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Feb 2024 02:00:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65c97bc2-2147"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
41a58e92664de330a8fad517889a1c35
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.6.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
et-divi-customizer-global.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1710980182
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5f68ad5814622f5a9b84a50ddf96c9aef7b29bc4fdadff5928bea743f055b2cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Mar 2024 00:16:22 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fb7c56-34de"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
03c96ee34b9736a06acd3576fd5204da
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1710980182>; rel="canonical"
cdn-requestpullsuccess
True
et-core-unified-tb-242536-tb-4381-tb-243092-deferred-243612.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/ 		82 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-243612.min.css?ver=1711381820
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
1a63d2ffed5eeafbb3f5d85d4cf86dc821da632ce67824162a5f548281eaec4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Mar 2024 17:24:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fc6d51-1475b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
fd120a401d8689ec7c90d2eeb6731a8d
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/et-cache/243612/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-243612.min.css?ver=1711041873>; rel="canonical"
cdn-requestpullsuccess
True
Email_Logo.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/Email_Logo.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
content-length
8488
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fe-2128"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7ecd78a30d1b8c7925e94747108262d8
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/08/Email_Logo.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
content-length
12820
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1900-3214"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
987dabd872189b120519b66d02646b4d
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/ 		470 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
470
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18f7-1d6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0ac04941d247d7dabee378420d26d5e0
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
content-length
8788
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f085ad-2254"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d50f55222fda8dde59056d58578a255e
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/ 		18 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
742e0f5eab937214a0356e1a61f4ba94b2eb1b63a56547c4c7911a3852441d73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
content-length
18934
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Feb 2024 22:27:14 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65c160c2-49f6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2350a6f8c5036d58663a9d61d116eee2
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/02/Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Wild-Bird-Eagle-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
content-length
11066
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Mar 2024 23:01:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65ef8d41-2b3a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7042ed194fde4609f5729a3ac28b56de
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
032524_AWARDS_CRN_PPG.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/032524_AWARDS_CRN_PPG.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d8fbd99eadb81a4f8e4d7c98bc04c02c43e4df78a8895eb302bf232dc464a312
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
03/25/2024 17:25:07
cdn-pullzone
1682947
content-length
11646
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Mar 2024 16:36:41 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6601a819-2d7e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ffee56ba7ccdd4105989bbecf0c66eca
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/032524_AWARDS_CRN_PPG.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-Feature-Fortune-60-23.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/400x250-Award-Feature-Fortune-60-23.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
006c1f8041f43e8e88b21963a98606004c917f577d392853bd493febb3eb724a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
7268
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Feb 2024 21:28:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65bc0d13-1c64"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
c3f449ce1aa6efe0454a7de60e9217b5
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/02/400x250-Award-Feature-Fortune-60-23.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-CyberSecured.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/12/400x250-Award-CyberSecured.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
92b1d0db841f621794d63c4b60d77fec89a356f08915a397884c3149c09d9436
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
12530
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Jan 2024 18:18:57 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6595a511-30f2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
4c25fb402e9e2a6b84fd293d1b82f923
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2023/12/400x250-Award-CyberSecured.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-18-at-4.58.57%E2%80%AFPM-2048x1159.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-18-at-4.58.57%E2%80%AFPM-2048x1159.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d664aeebb4e2ea77ca8ec25f6362f0f608513ebcd13890ce0155bbe880b46481
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
03/27/2024 06:23:55
cdn-pullzone
1682947
content-length
128888
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 21:00:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f8ab71-1f778"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
57f15b5fd7d09064b41d602e71d275e5
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-18-at-4.58.57%E2%80%AFPM-2048x1159.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-13-at-4.19.22%E2%80%AFPM-2048x540.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.19.22%E2%80%AFPM-2048x540.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
857ae4526041ac89f0aeeefd7b619b412cfa9ab774014aa179ca7c0b2e145a32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
101534
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 20:20:13 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f20a7d-18c9e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
12b9bfca40904f02998968ddecf4e96c
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.19.22%E2%80%AFPM-2048x540.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-13-at-4.20.52%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		135 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.20.52%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f31112a1cfc4aae7a1a9a9fa3d1093f6aa527b52abb39f5d599f91069a8e32cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
138408
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 20:22:19 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f20afb-21ca8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
54abf1daad090f44713955bdf0381f29
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.20.52%E2%80%AFPM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-13-at-4.28.53%E2%80%AFPM-2048x330.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		44 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.28.53%E2%80%AFPM-2048x330.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2cb5345180c759616ec11d7824fd04ba253704352b6e3d8b62f6deee2a2a7e76
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
45558
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 20:31:36 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f20d28-b1f6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
4d0a54429e2e962a30aa7b0ca44c6701
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.28.53%E2%80%AFPM-2048x330.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-13-at-4.37.31%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		110 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.37.31%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
bfc4b751b42b1342b56466df70c4e1827873d67fe09add2ce994f3bb399d7beb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
112904
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 20:38:22 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f20ebe-1b908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7c42dbd71d04d88b5d97716c5c59748b
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.37.31%E2%80%AFPM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-13-at-4.41.57%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		78 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.41.57%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
355ce3d20f955e481bd0892a3fba6f1c3c2d64dc3835616ad92849c59988c4d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
80172
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 20:43:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f20fe9-1392c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
dd3ac22b3b28ade56f6bf1f05ec3d82b
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-13-at-4.41.57%E2%80%AFPM.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
image-4.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/image-4.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e9907c149278833f6b571c20f12c1c537e77a5aff6ba4de1322675103c6a4db6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 18:03:10
cdn-pullzone
1682947
content-length
170512
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Mar 2024 16:26:46 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f32546-29a10"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6e425d2297a70ca3d29c053045227579
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/image-4.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-03-20-at-4.56.43%E2%80%AFPM-768x396.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Screenshot-2024-03-20-at-4.56.43%E2%80%AFPM-768x396.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ff3321fa2f374656aa1d2c900d27609436ed0ae58896680eb0eb49e33ada3e5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/27/2024 06:23:55
cdn-pullzone
1682947
content-length
14334
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 20:57:42 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65fb4dc6-37fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2f3f6bb859c164c94637a6c347aaecad
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Screenshot-2024-03-20-at-4.56.43%E2%80%AFPM-768x396.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
streamlinehq-cog-approved-interface-essential-100.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
content-length
1462
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fd-5b6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
d94d940ae70b9340d30d41b9a5601d37
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
logo-cookieyes.svg
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:58:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed13c0-a15"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2090e7a77179120be1bfcb19f0e0a140
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
js
boards.greenhouse.io/embed/job_board/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boards.greenhouse.io/embed/job_board/js?for=horizon3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.71.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-71-72.compute-1.amazonaws.com
Software
/
Resource Hash
ca6b4344f9f7607f872805d649e08b60c471d9a7ebba897f9f08bc07b16310fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.008327
date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"ca6b4344f9f7607f872805d649e08b60"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
3083c12895bb89722ead8894a87bc562
mediaelementplayer-legacy.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"5f735862-2bf8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
3dc5af62806a71b2cc9e01e5e3150c84
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17>; rel="canonical"
cdn-requestpullsuccess
True
wp-mediaelement.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/28/2024 05:32:34
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"5cfaccce-105a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8cf56fcba8806e9bdc6d22cab192245d
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3>; rel="canonical"
cdn-requestpullsuccess
True
bootstrap.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/24/2024 12:07:51
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-35dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
833baf8827c258a04cddc293598fee8e
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.4.3>; rel="canonical"
cdn-requestpullsuccess
True
daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11356
x-jsd-version
3.1.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230085-FRA, cache-lga21957-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SE7qHCx87VIi4owqEvR%2BQkT3uCafF7lIo3bH%2F4XzQzld4WUr650ay9V5F8mgSQGbSSatDqN1lUW%2FM9%2Bq%2FhZnT2gmF76lPIfRC60bRFrmzfr%2FYaBel7De3XZ3Kfo%2BdYFG9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
86b7418eaf730dff-MXP
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/hot-sneaks/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/themes/hot-sneaks/jquery-ui.css?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3041508
x-cache
HIT, HIT
content-length
8576
x-served-by
cache-lga21942-LGA, cache-lin2290034-LIN
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711625090.409954,VS0,VE0
etag
W/"28feccc0-8fc4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5057, 4
cookie-law-info-table.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:58:24 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed13c0-17e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
ab34f004ea64faefe2066d83b7b33c11
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.0>; rel="canonical"
cdn-requestpullsuccess
True
scripts.min.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/ 		268 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/scripts.min.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9ccbe8ceae9d2553c597d0a65f19928d14f42368ddd1118d69a968c2c9912161
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-42fa7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
f24fb40cbb682abeca93afc0eb405098
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/js/scripts.min.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery.fitvids.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-d15"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
821db4a25be43f67928d5de06e8aa825
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
comment-reply.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/comment-reply.min.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"625095f6-ba5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
506edf6df4472cb7bfb546b70e7c206f
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/comment-reply.min.js?ver=6.4.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery.mobile.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-1f18"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
3acc1e9b704fefb5f3bc57be4cf6ce7e
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-5902"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
28983dbf6917cde2b37fc32e8366e705
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
easypiechart.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-2466"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8836981ae3769f4a7483dc248fd9620c
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
salvattore.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-217e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
064c6c7db4306758a8baee66ebcaaa41
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/ 		699 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.6.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Feb 2024 02:00:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65c97bc2-2bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2f693ddb1b8cfdc23e24e8377608dd97
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.6.1>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190c-8dee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
8734aed82dc29ec7173fd81b1b6e5641
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/ 		733 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190b-2dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
04ef3c991ad1ea2774ba19f0bbe8a118
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
new-tab.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:46 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"651e190a-609e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2c18c1d05775eae5a783efba3d47a7ed
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
common.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/common.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-53f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
739e8529ef1b4f7f1924082cec19336d
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/js/common.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e5a8d19e9d43ac61718ad1ee6b57e66589428a5794ca4b3a177ac75faf5455e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-d14"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7c52f6850aa6080653ea83b2cbac73b6
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.95>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
mediaelement-and-player.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		154 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 14:21:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6335a9d7-26935"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
6dbb9d8db7dc143387feac65aa52e60f
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
mediaelement-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"625095f6-4a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
87fdbf136fd3a914cd81e12851fcde3e
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.4.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
wp-mediaelement.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1082
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Feb 2023 16:00:42 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"63e275aa-453"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
71b580f1b02e6477328a34ca9a8e4152
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.4.3>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
swiper-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/ 		142 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-239c1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
f6dd0bf997db363cecfb6d9173078408
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.95>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.95
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1080
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/24/2024 18:37:37
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Mar 2024 02:05:54 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65f7a182-a85"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
bbd4d35ef547ec5fa2eb77c2d611c97b
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.95>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
560552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16837
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62c614dc-41c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZ53pk2bLbQOjl6GGmo6zie5ofdDIFyjl6R9yHSxjBjEuk8thFFSK0NRdpY%2F5yU5UVqjYqS7dZnd6vLlPmXaIR1w8fWlipp09eK1B2UTZEVifE6V03vfkC0iI0ByhmyQ1wZVQlfh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86b7418eea40839a-MXP
expires
Tue, 18 Mar 2025 11:24:50 GMT
daterangepicker.min.js
cdn.jsdelivr.net/npm/daterangepicker/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837f3f510b4be76f36c097ca94f9efe87c0a0581daf5e8b2bf980d9f3788bc37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1274
x-jsd-version
3.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8224
x-served-by
cache-fra-etou8220036-FRA, cache-lga21944-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"8092-XxjDQopdrufpJf5BZ3ADy4siD68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huhDlyIoj9bf8ds8qvFVoMRI1MRmKstYycBH8UrKaX7Tz6sdKMdF7KPhrsixYSra8q7F8H83D2CDrOp01rr4L%2FzjlfFTGdoo%2F6pcNLwz96FYDoi77Jr%2FPV7BZMbg%2F4O2jnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86b7418ecfc70dff-MXP
jquery-ui.js
code.jquery.com/ui/1.13.2/ 		517 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
16824459
x-cache
HIT, HIT
content-length
126267
x-served-by
cache-lga21926-LGA, cache-lin2290034-LIN
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711625090.409804,VS0,VE0
etag
W/"28feccc0-81307"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
62, 62257
loadFilter.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/ 		44 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/loadFilter.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24235
x-jsd-version
2.7.6
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220064-FRA, cache-lga21958-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"b08f-hyuFhPhDAFE5gn7UWPXhS1S5p0w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbqfRdf9hnT2XR6ePfyqe%2FOaXM0YhDMy51wNBcgvTs3SV15wPOd5BF1k71N%2FoJlUcuLM6WCKUQNGegLa5cuh3FiGrnGpkwBmVMktXcHhL%2FmfGJw6RVcB6mMy2P4zqxPD2qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
86b7418ecfc90dff-MXP
loadmore.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/ 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/loadmore.js?ver=6.4.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16700
x-jsd-version
2.7.6
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220098-FRA, cache-lga21938-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"7b9e-g8xMzqvVKM5J7uC4u0KIn/Wvuw4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LLQjZqXmRiVm6eGWPUVytl2%2B534o9AgOXmEKtqkZNZVe%2FJdnfINy351Vrr%2FvsCjcEcXLVd6qjdCI%2FAmKz5tdMGy6pGCkZNyA%2BNYmbfcPfDk2BSc9J8TYYeBzfnJ62YpxnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
86b7418ecfcc0dff-MXP
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ef71ea60e9d99a764eae745ada2724a4bc3175114330ee3786d144831e562147
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 19:46:44 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65fb3d24-2092"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
575e695f972990516996f36db3f9fa7e
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
motion-effects.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		154 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1081
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-26901"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2a6b301ce6b8c548cf94bd36125c1914
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
sticky-elements.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.24.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
cdn-edgestorageid
1079
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"65ed1373-34f33"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
f49ce33e6cdb0d0234265cdc4403be8c
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.24.2>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		266 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b2e6f35fa7628fe6264e9facdfd615ce710022be2764a4126763c9ba595c2518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94395
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Mar 2024 11:24:50 GMT
tag.aspx
ml314.com/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?282
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 10:26:57 GMT
via
1.1 google
content-encoding
br
age
3473
x-guploader-uploadid
ABPtcPqmRMJuGUufLKrtycCDSu560NrAUw_8S-OBg1RYp911GJwudY2w4Dmhqb7vmp_xQGknmMU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10617
last-modified
Tue, 19 Mar 2024 18:01:29 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1710871289439515
x-goog-hash
crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type
application/javascript
cache-id
MIL-43570e0b
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
34224
accept-ranges
bytes
61eaf806342d59001e8ed916
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.137.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
da966cc9839d4ae5e9dedafcc314f90bec55c81eafa84349f0e502360fe45136
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
86b7418f5a16baaf-MXP
et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css
www.horizon3.ai/wp-content/et-cache/243612/ 		81 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2e6534a769471e824a06b36c6d6c78a3e0320936a297296957af2846551c1940
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Mar 2024 15:50:20 GMT
server
nginx
etag
W/"66019d3c-14491"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
utsync.ashx
ml314.com/ 		62 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81430&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&pv=1711625090444_vtfbtbsru&bl=en-us&cb=552296&return=&ht=&d=&dc=&si=1711625090444_vtfbtbsru&cid=6cde07f1-6e0d-4162-bf0a-d382a9285bc8&s=800x600&rp=&v=2.7.1.157
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 11:24:50 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
js
www.googletagmanager.com/gtag/ 		312 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
615eb73e0c52c235fb9c73da573f5a1cffb20b276f78992e2e87ccbc1a71530a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Mar 2024 11:24:50 GMT
destination
www.googletagmanager.com/gtag/ 		251 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10792903506&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8b707f8da8dff6821034010d521757e02166dd943999aa6af1ef9e801964d0cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89124
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Mar 2024 11:24:50 GMT
pixel.js
www.redditstatic.com/ads/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Feb 2024 20:38:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8702
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Wed, 27 Mar 2024 05:22:03 GMT
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sat, 28 Mar 2026 11:24:50 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=63663
accept-ranges
bytes
content-length
17224
PLwGhTJP
io.clickguard.com/s/cHJvdGVjdG9y/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9820323cb88a74c231e1adcb4f1485990716b8d4dca972cdf4d85dfcbd82247e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 11:24:50 GMT
via
1.1 google
Content-Encoding
br
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
etag
W/"1eaf-KZ37wd8kXtfxISD4bCGM3uKxBio"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BsCCA8DBcN14os9eAJ3hCIC2QvLkPSz1XT%2BOxBWWIUy51bROwVvshhJzLFqWHXo8wEc%2Bxgl%2FTEl7kV4sFwzkkUHzK9erisUH4dML0IveFuBMCQlk%2Fs0x90rndfgvSUbwFpy"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
86b741902c124c3c-MXP
dreamdata.min.js
cdn.dreamdata.cloud/scripts/analytics/v1/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:03:59 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000;includeSubdomains
age
1251
x-guploader-uploadid
ABPtcPp7Mdcz6OFwMWLbC6y8UNBRAxa9cJS67epSB7uound7UM_7IftLt5dnzWjkpCCbpu0kN-twMJQfwg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39064
referrer-policy
origin
last-modified
Tue, 19 Dec 2023 15:12:09 GMT
server
UploadServer
etag
"5a0c242829201a80f498d4959d83ebfc"
vary
Accept-Encoding
x-goog-generation
1702998729480704
x-goog-hash
crc32c=9JeVgg==, md5=WgwkKCkgGoD0mNSVnYPr/A==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1800
x-goog-stored-content-length
39064
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 28 Mar 2024 11:33:59 GMT
identify-form.min.js
cdn.dreamdata.cloud/scripts/identify-form/v1/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/scripts/identify-form/v1/identify-form.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329497ae402b18182303e3e893ec8ce8ad7a515ad2c8232857af0ff202296b80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:04:46 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000;includeSubdomains
age
1204
x-guploader-uploadid
ABPtcPqkOMIFB6oZip0iK64b7igEIrrsjCxWvrf00IaN3vBSvF-RxtKihHwa-sUyyDCbMiioQVt72Ut6Jw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4026
referrer-policy
origin
last-modified
Wed, 07 Feb 2024 14:20:59 GMT
server
UploadServer
etag
"9356f5b74975aa771e077e2715d20e45"
vary
Accept-Encoding
x-goog-generation
1707315659022481
x-goog-hash
crc32c=51DaPQ==, md5=k1b1t0l1qnceB34nFdIORQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
4026
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 28 Mar 2024 11:34:46 GMT
t2_rwb6eefi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_rwb6eefi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1711625090585&id=t2_rwb6eefi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=bb1f9ba2-0702-4f55-944c-bd2c4d0dcb3a&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=800&sw=600&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je43p0v889089095z8852319646za200&_p=1711625090348&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=459962707.1711625091&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711625090&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&dt=CVE-2023-48788%3A%20Fortinet%20FortiClient%20EMS%20SQL%20Injection%20Deep%20Dive%20%E2%80%93%20Horizon3.ai&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1151
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 11:24:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V462VSRXXS&cid=459962707.1711625091&gtm=45je43p0v889089095z8852319646za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 11:24:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V462VSRXXS&cid=459962707.1711625091&gtm=45je43p0v889089095z8852319646za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1269837828
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 11:24:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
cdn.dreamdata.cloud/api/v1/ 		16 B
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.dreamdata.cloud/api/v1/p
Requested by
Host: cdn.dreamdata.cloud
URL: https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
via
1.1 google
referrer-policy
nosniff
strict-transport-security
max-age=63072000;includeSubdomains
server
Google Frontend
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
bd33ceb6c12e62059001a3bb3c64f443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3527860%26time%3D1711625090702%26li_adsId%3De30ca2d5-ed9c-4033-8acc-cdc296c49d3a%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-...
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&cookiesTest=true&liSync=true
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DC0A35CF331047CF9517EBDCB502B1A9 Ref B: MIL30EDGE1218 Ref C: 2024-03-28T11:24:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUtsWPVLifEkD70iGyHg==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 11:24:51 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYUtsWMka8mCPvshFVWlg==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3A84BE057DFB4AE8A39670D003F8C41B Ref B: MIL30EDGE1218 Ref C: 2024-03-28T11:24:51Z
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1711625090702&li_adsId=e30ca2d5-ed9c-4033-8acc-cdc296c49d3a&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
Red-Team-Blog-BG.jpg
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/ 		51 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
content-length
52684
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fd-cdcc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7035662448fae08f01d90e88e0250a94
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:56:43 GMT
x-content-type-options
nosniff
age
185287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25500
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:56:43 GMT
modules.woff
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css?ver=1711381817
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-divi-dynamic-tb-242536-tb-4381-tb-243092-243612-late.css?ver=1711381817
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
10320
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
nginx
etag
"65ed1373-2850"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:51:56 GMT
x-content-type-options
nosniff
age
185574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25656
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:17:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:51:56 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 21:48:23 GMT
x-content-type-options
nosniff
age
221787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25320
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Mar 2025 21:48:23 GMT
fa-solid-900.woff2
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/ 		78 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"65ed1373-139ac"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2>; rel="canonical"
date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:53
content-length
80300
x-xss-protection
"1; mode=block"
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
3949c6b92a5958c85303bcb0208e7e5b
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
S6uyw4BMUTPHjxAwXg.woff2
fonts.gstatic.com/s/lato/v24/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXg.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 00:05:34 GMT
x-content-type-options
nosniff
age
213556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25284
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 00:05:34 GMT
fa-brands-400.woff2
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"65ed1373-1327c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2>; rel="canonical"
date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
content-length
78460
x-xss-protection
"1; mode=block"
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
9cc56c35050e082ae69c39ee779e0c00
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:32:32 GMT
x-content-type-options
nosniff
age
233538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23316
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Mar 2025 18:32:32 GMT
modules.woff
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
etag
"65ed1373-167b4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff>; rel="canonical"
date
Thu, 28 Mar 2024 11:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:34:53
content-length
92084
x-xss-protection
"1; mode=block"
last-modified
Sun, 10 Mar 2024 01:57:07 GMT
server
BunnyCDN-DE1-1080
cdn-requestpullcode
200
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
1179b4290add60c700fb9167eef710ac
accept-ranges
bytes
cdn-status
200
cdn-requestpullsuccess
True
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
fonts.gstatic.com/s/rubik/v28/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 08:00:37 GMT
x-content-type-options
nosniff
age
185053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32848
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 08:00:37 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2023-48788%3A%20Fortinet%20FortiClient%20EMS%20SQL%20Injection%20Deep%20Dive%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
/
Resource Hash
9fb7e07ffa774d788b6807993b9d5f1dea5b912d18aa7cfac0b958e8dba77762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Thu, 28 Mar 2024 11:24:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
534
expires
Thu, 19 Nov 1981 08:52:00 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/ 		68 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/
Origin
https://www.horizon3.ai
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 14:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37076
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Mar 2025 14:19:35 GMT
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ 		0
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 28 Mar 2024 11:24:51 GMT
via
1.1 google
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
x-powered-by
Express
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UChlXMR%2BD%2BbDNVXxf0J4xsM0H16Dtq5bl4sQrghqwUnnWK13yxZd6H0pjGubq1stjSMmY3bT0bt2tEhWCAznFNWL7Dz8RX2fiHhAZIxCGeNJXiszM%2Bf8rumEnqKdCkk3HKsCXjw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
86b741942cee9234-MUC
Content-Length
0
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
86b741931aa09234-MUC
Connection
keep-alive
Content-Length
0
Date
Thu, 28 Mar 2024 11:24:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ll56Rtg1fQX14kLYXC1RxQhiDroJpAYc8%2FZ0cirhGwI258XlPaN%2F8EJXyxcemzwTzI%2FKPt0XAb8K9P%2Fr1HlugXGU7Ec7TZD9iUOZcmU9YW2%2Fa9THOycfcEp8X39gXqCisgh70MSq"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
Email_Logo.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/08/Email_Logo.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
content-length
8488
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18fe-2128"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
938fd3cfee93f3f37278c7089aebc31c
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/08/Email_Logo.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
content-length
12820
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1900-3214"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
54346c7d7addbe5ce544c4be6e1ecfd4
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/ 		470 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
470
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e18f7-1d6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
7f486beba43f6031d2cd4506dfe5330a
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:09
cdn-pullzone
1682947
content-length
8788
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65f085ad-2254"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
a53678082600287fd0cf78e1f1251ca4
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/ 		18 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
742e0f5eab937214a0356e1a61f4ba94b2eb1b63a56547c4c7911a3852441d73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:10
cdn-pullzone
1682947
content-length
18934
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Feb 2024 22:27:14 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65c160c2-49f6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
f524d7cd7800301fa579cac7f12d90c2
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/02/Screenshot-2024-02-05-at-5.26.52-PM-980x473.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Wild-Bird-Eagle-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:24
cdn-pullzone
1682947
content-length
11066
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Mar 2024 23:01:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65ef8d41-2b3a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
10f7a31e0c7a8486f665d8107cca14d9
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Wild-Bird-Eagle-Streamline-Ultimate.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
032524_AWARDS_CRN_PPG.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/032524_AWARDS_CRN_PPG.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d8fbd99eadb81a4f8e4d7c98bc04c02c43e4df78a8895eb302bf232dc464a312
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
cdn-cachedat
03/25/2024 17:25:07
cdn-pullzone
1682947
content-length
11646
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Mar 2024 16:36:41 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6601a819-2d7e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
30d71046f3aeb0e87ddd00f2a9189d6b
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/032524_AWARDS_CRN_PPG.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-Feature-Fortune-60-23.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/02/400x250-Award-Feature-Fortune-60-23.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
006c1f8041f43e8e88b21963a98606004c917f577d392853bd493febb3eb724a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
7268
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Feb 2024 21:28:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"65bc0d13-1c64"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
2f6363e76ffa37e37eb4c5e1df64395c
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2024/02/400x250-Award-Feature-Fortune-60-23.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
400x250-Award-CyberSecured.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/12/400x250-Award-CyberSecured.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
92b1d0db841f621794d63c4b60d77fec89a356f08915a397884c3149c09d9436
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
cdn-cachedat
03/26/2024 21:19:25
cdn-pullzone
1682947
content-length
12530
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Jan 2024 18:18:57 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6595a511-30f2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
470835a2ba1f80026e10eaf57fafb988
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2023/12/400x250-Award-CyberSecured.png.webp>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5302207A9830486C9671D38DFCAC7378 Ref B: MIL30EDGE1218 Ref C: 2024-03-28T11:24:51Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.horizon3.ai
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYUtsWSFrNIdEsqbtKqsg==
analytics
go.horizon3.ai/ 		50 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.horizon3.ai/analytics?conly=true&visitor_id=110795082&visitor_id_sign=f7108580027d8d0b2baa3bd1fffcf4aad92d0ff8de96792c38c30ed3938104c313604bf0a1e287d6282ee5ddb40cb62f09c89efe&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2023-48788:%20Fortinet%20FortiClient%20EMS%20SQL%20Injection%20Deep%20Dive%20%E2%80%93%20Horizon3.ai&url=https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=CVE-2023-48788%3A%20Fortinet%20FortiClient%20EMS%20SQL%20Injection%20Deep%20Dive%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fattack-blogs%2Fcve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Thu, 28 Mar 2024 11:24:51 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
admin-ajax.php
www.horizon3.ai/wp-admin/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.horizon3.ai/wp-admin/admin-ajax.php
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
0f262b18b7510758c18a1aa32748e435f4cc8c976215497e99f91336b11c56ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
WP Engine
content-length
734
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.horizon3.ai
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
Menu-BG-NodeZero-v2.png
www.horizon3.ai/wp-content/uploads/2023/11/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.horizon3.ai/wp-content/uploads/2023/11/Menu-BG-NodeZero-v2.png
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-243612.min.css?ver=1711381820
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f677faa4afd9b8b4424f9021d8e6c09892ace736ca435ceaba00c6b030cc1846
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/243612/et-core-unified-tb-242536-tb-4381-tb-243092-deferred-243612.min.css?ver=1711381820
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
103768
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Nov 2023 00:52:55 GMT
server
nginx
etag
"655567e7-19558"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
cropped-favicon-32x32.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 11:24:52 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
cdn-cachedat
03/21/2024 17:34:54
cdn-pullzone
1682947
content-length
1932
x-xss-protection
"1; mode=block"
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 02:01:40 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"651e1904-78c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control
public, max-age=31919000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
cdn-requestid
0d4ec26164f65a867bb5203e128d0e8f
accept-ranges
bytes
cdn-requestcountrycode
IT
link
<https://www.horizon3.ai/wp-content/uploads/2021/06/cropped-favicon-32x32.png>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| loadmore_ajax_object object| elm object| dataLayer function| sixteenNine object| _ml object| et_animation_data object| tribe_l10n_datatables object| google_tag_manager object| google_tag_data function| rdt string| piAId string| piCId string| piHostname string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| iframeSelector string| gaEventName undefined| iframeListener object| analytics object| __DD_TEMP_ANALYTICS__ object| script function| updateUrlWithUid object| Grnhse object| _grnhse function| getParam function| getExpiryRecord function| addGclid function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| onYouTubeIframeAPIReady object| gaGlobal function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized function| autoIdentify object| salvattore object| DiviBlogExtrasFrontendData object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| JSON3 function| setImmediate function| clearImmediate string| Integration function| normalize object| addComment object| _wpmejsSettings object| wp function| Swiper function| moment function| daterangepicker object| eventFeeddecm_event_display_0_tb_header object| et_pb_motion_elements boolean| _already_called_lintrk object| et_pb_sticky_elements object| ET_Builder object| ET_FE object| ET_FB function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms function| et_pb_slider_init function| et_pb_image_lightbox_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_init function| et_pb_reinit_circle_counters function| et_pb_circle_counter_update function| et_pb_reinit_number_counters function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| ziws object| _0xf102 function| _0x20fb object| CG function| _cg_convert function| cg_convert function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property object| ORIBILI function| piResponse string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey

30 Cookies

Domain/Path Name / Value
.horizon3.ai/ Name: _gcl_au
Value: 1.1.1925715889.1711625091
.horizon3.ai/ Name: _rdt_uuid
Value: 1711625090584.bb1f9ba2-0702-4f55-944c-bd2c4d0dcb3a
.horizon3.ai/ Name: _ga
Value: GA1.1.459962707.1711625091
.horizon3.ai/ Name: _ga_V462VSRXXS
Value: GS1.1.1711625090.1.0.1711625090.60.0.0
.horizon3.ai/ Name: ajs_user_id
Value: null
.horizon3.ai/ Name: ajs_group_id
Value: null
.horizon3.ai/ Name: ajs_anonymous_id
Value: %2266eb3316-23b2-4700-81f7-46d6780d4a1d%22
.ws.zoominfo.com/ Name: visitorId
Value: 1818a000822c52ba84ad23a0525747735a741904e176f38f04f9174c18579068
.zoominfo.com/ Name: __cf_bm
Value: 16U8eHIKp9qgSHl4sGshwkRr0t65kY0AOZNHjm_iAlc-1711625090-1.0.1.1-IeQGFmGFxC79XT03WO11YU8liaiVbCtUatYh_2LsgA8H4iDjL7BxSfRK2BEyFfWHi18dKIdxDgU9lkWo1ZEjQA
.zoominfo.com/ Name: _cfuvid
Value: Ssb0ZSaTVtSkVEUGrvIln.urNpa_JGH9pPCTm487IVY-1711625090697-0.0.1.1-604800000
www.horizon3.ai/ Name: cookielawinfo-checkbox-necessary
Value: yes
www.horizon3.ai/ Name: cookielawinfo-checkbox-functional
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-performance
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-analytics
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-advertisement
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-others
Value: no
.linkedin.com/ Name: li_sugr
Value: d5ec3329-3e73-4d3c-bd8f-d907b04fb2f7
.linkedin.com/ Name: bcookie
Value: "v=2&42ea5b41-5463-4f32-8483-1a9b803984b3"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2781:u=1:x=1:i=1711625090:t=1711711490:v=2:sig=AQEPJ18E3OHeR8iKubpQGGgY4OW3XKII"
.linkedin.com/ Name: UserMatchHistory
Value: AQIMKFxnMIfzKQAAAY6EzjfOmDvMJE91cX1qHSg-AIDsqVzTTQ7AsmmZCDbNFxW14y4tdwi9zDYokQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK3rJU4EZqFPQAAAY6EzjfO8C22YnGgB9STPje0ZVLYEz2PZTJlYjB2T30qp3E6gXyiK6AN8KDjz5tFPN_f-w
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240328112451809db8cf-67f0-465b-883c-65d1a31a9008AQFSVU1MUXCb7tsZzz8nsLVHwnr47Kl0"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTE2MjUwOTE7MjswMjFzVu7vvccCHZ4EFyy4hWbkDKvxJ2f7cNqa9MjVx+qs4w==
.pardot.com/ Name: visitor_id971073
Value: 110795082
.pardot.com/ Name: visitor_id971073-hash
Value: f7108580027d8d0b2baa3bd1fffcf4aad92d0ff8de96792c38c30ed3938104c313604bf0a1e287d6282ee5ddb40cb62f09c89efe
pi.pardot.com/ Name: lpv971073
Value: aHR0cHM6Ly93d3cuaG9yaXpvbjMuYWkvYXR0YWNrLXJlc2VhcmNoL2F0dGFjay1ibG9ncy9jdmUtMjAyMy00ODc4OC1mb3J0aW5ldC1mb3J0aWNsaWVudGVtcy1zcWwtaW5qZWN0aW9uLWRlZXAtZGl2ZS8%3D
www.horizon3.ai/ Name: visitor_id971073
Value: 110795082
www.horizon3.ai/ Name: visitor_id971073-hash
Value: f7108580027d8d0b2baa3bd1fffcf4aad92d0ff8de96792c38c30ed3938104c313604bf0a1e287d6282ee5ddb40cb62f09c89efe
go.horizon3.ai/ Name: visitor_id971073
Value: 110795082
go.horizon3.ai/ Name: visitor_id971073-hash
Value: f7108580027d8d0b2baa3bd1fffcf4aad92d0ff8de96792c38c30ed3938104c313604bf0a1e287d6282ee5ddb40cb62f09c89efe

48 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/(Line 4432)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/(Line 4432)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/(Line 4432)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
boards.greenhouse.io
cdn.dreamdata.cloud
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
go.horizon3.ai
io.clickguard.com
ml314.com
p7i3u3x3.rocketcdn.me
pi.pardot.com
pulse.clickguard.com
px.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
ws.zoominfo.com
www.google.it
www.googletagmanager.com
www.horizon3.ai
www.linkedin.com
www.redditstatic.com
104.16.137.15
104.16.88.20
104.17.24.14
104.197.16.226
104.26.12.152
13.107.42.14
142.250.185.163
142.251.168.156
151.101.193.140
151.101.2.137
169.150.247.37
172.217.23.99
172.67.68.196
2.21.20.141
216.239.34.36
216.58.206.72
3.215.172.219
34.117.77.79
34.120.220.80
34.237.219.119
54.145.71.72
006c1f8041f43e8e88b21963a98606004c917f577d392853bd493febb3eb724a
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
0f262b18b7510758c18a1aa32748e435f4cc8c976215497e99f91336b11c56ec
1a63d2ffed5eeafbb3f5d85d4cf86dc821da632ce67824162a5f548281eaec4d
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2c8a5a9e00ece176ee83b23eef0d0d721effe3fcc0707ca2ef9c80b6fcb9dc2b
2cb5345180c759616ec11d7824fd04ba253704352b6e3d8b62f6deee2a2a7e76
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2e6534a769471e824a06b36c6d6c78a3e0320936a297296957af2846551c1940
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
329497ae402b18182303e3e893ec8ce8ad7a515ad2c8232857af0ff202296b80
355ce3d20f955e481bd0892a3fba6f1c3c2d64dc3835616ad92849c59988c4d7
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
3b0b3b2876c9a3ed08e9cf6b115cb335783e93148c12b0811202e1fe69da3755
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5f68ad5814622f5a9b84a50ddf96c9aef7b29bc4fdadff5928bea743f055b2cc
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79
615eb73e0c52c235fb9c73da573f5a1cffb20b276f78992e2e87ccbc1a71530a
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
742e0f5eab937214a0356e1a61f4ba94b2eb1b63a56547c4c7911a3852441d73
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
79c7c7d8bb9cb3344e99e530f4214ade141abec660e2e7e2975fa6869b7e2e36
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
837f3f510b4be76f36c097ca94f9efe87c0a0581daf5e8b2bf980d9f3788bc37
857ae4526041ac89f0aeeefd7b619b412cfa9ab774014aa179ca7c0b2e145a32
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
8b707f8da8dff6821034010d521757e02166dd943999aa6af1ef9e801964d0cf
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
92b1d0db841f621794d63c4b60d77fec89a356f08915a397884c3149c09d9436
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
9782e3d5058b8388a63b064ecef2b128614205e1e003382c7bb8d6f13b3c912b
9820323cb88a74c231e1adcb4f1485990716b8d4dca972cdf4d85dfcbd82247e
99a06f6e8a4318c67b4b5549cb2401c2be69be7503f1c766bf42e58cba6fbd4c
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
9ccbe8ceae9d2553c597d0a65f19928d14f42368ddd1118d69a968c2c9912161
9fb7e07ffa774d788b6807993b9d5f1dea5b912d18aa7cfac0b958e8dba77762
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b2e6f35fa7628fe6264e9facdfd615ce710022be2764a4126763c9ba595c2518
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bfc4b751b42b1342b56466df70c4e1827873d67fe09add2ce994f3bb399d7beb
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
ca6b4344f9f7607f872805d649e08b60c471d9a7ebba897f9f08bc07b16310fe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0606dcbe3bc47a9ff10d8bc52b0042c2040bed75c8382bcb534230aea248d3b
d0b9c02e0fdd00362d1e6133987c4a2ea7480d82e77cd3b0218eb2490c523324
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d664aeebb4e2ea77ca8ec25f6362f0f608513ebcd13890ce0155bbe880b46481
d8fbd99eadb81a4f8e4d7c98bc04c02c43e4df78a8895eb302bf232dc464a312
da966cc9839d4ae5e9dedafcc314f90bec55c81eafa84349f0e502360fe45136
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10
e5a8d19e9d43ac61718ad1ee6b57e66589428a5794ca4b3a177ac75faf5455e6
e9907c149278833f6b571c20f12c1c537e77a5aff6ba4de1322675103c6a4db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71ea60e9d99a764eae745ada2724a4bc3175114330ee3786d144831e562147
f31112a1cfc4aae7a1a9a9fa3d1093f6aa527b52abb39f5d599f91069a8e32cd
f677faa4afd9b8b4424f9021d8e6c09892ace736ca435ceaba00c6b030cc1846
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
ff3321fa2f374656aa1d2c900d27609436ed0ae58896680eb0eb49e33ada3e5b