labs.watchtowr.com Open in urlscan Pro
2a04:4e42::775  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/	43 KB 12 KB	153ms 38ms	Document text/html	2a04:4e42::775 FASTLY
General Check archive.org Show headers Download Go to Full URL https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash a9cdf089f0bea75be26287bc63253a5348b22112986ef6fe6bf80ea933deb5ee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 11707 alt-svc clear cache-control public, max-age=0 content-encoding gzip content-length 12221 content-type text/html; charset=utf-8 date Tue, 13 Jun 2023 12:03:26 GMT etag W/"acdd-F+qAgX9iWshewO22JxY4uPaax0E" ghost-age 0 ghost-cache MISS ghost-fastly true server openresty status 200 OK vary Cookie, Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 1 x-request-id 9252efd7-7d12-4bff-9d95-2511609abf94 9252efd7-7d12-4bff-9d95-2511609abf94 x-served-by cache-ams21081-AMS x-timer S1686657807.953708,VS0,VE6
GET H2	200	v0.js Show response cdn.ampproject.org/	277 KB 72 KB	252ms 97ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Tue, 13 Jun 2023 12:03:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72824 x-xss-protection 0 server sffe etag "2fabb8c6d8acf582" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 13 Jun 2023 12:03:27 GMT
GET H2	200	Logo.png labs.watchtowr.com/content/images/2022/05/	3 KB 3 KB	36ms 35ms	Image image/png	2a04:4e42::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/2022/05/Logo.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash dba1c596f2785886e854da7993f9e62f17831524432311f1776631ca100ae9f6 Request headers accept-language de-DE,de;q=0.9 Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers ghost-age 0 date Tue, 13 Jun 2023 12:03:27 GMT via 1.1 varnish age 467815 x-cache HIT status 200 OK alt-svc clear content-length 3199 ghost-fastly true x-request-id 1489d202-a4e2-4114-8605-73164875c724, 1489d202-a4e2-4114-8605-73164875c724 x-served-by cache-ams21081-AMS last-modified Fri, 13 May 2022 04:57:26 GMT server openresty x-timer S1686657807.423851,VS0,VE3 etag W/"c7f-180bbc75d07" vary Cookie content-type image/png cache-control public, max-age=31536000 ghost-cache MISS accept-ranges bytes x-cache-hits 1
GET H2	200	image-16.png labs.watchtowr.com/content/images/2023/06/	1 MB 1 MB	38ms 38ms	Image image/png	2a04:4e42::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/2023/06/image-16.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 5ab0620b5e3dabfb46eba7663feae9233ca1225e370a79a0cbe65c6a1addaae1 Request headers accept-language de-DE,de;q=0.9 Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers ghost-age 0 date Tue, 13 Jun 2023 12:03:27 GMT via 1.1 varnish age 364281 x-cache HIT status 200 OK alt-svc clear content-length 1060621 ghost-fastly true x-request-id 9bc6478f-2d3f-4615-8155-d6945482f1ca, 9bc6478f-2d3f-4615-8155-d6945482f1ca x-served-by cache-ams21081-AMS last-modified Fri, 09 Jun 2023 06:52:06 GMT server openresty x-timer S1686657807.423810,VS0,VE5 etag W/"102f0d-1889eed3814" vary Cookie content-type image/png cache-control public, max-age=31536000 ghost-cache MISS accept-ranges bytes x-cache-hits 1
GET H2	200	image-17.png labs.watchtowr.com/content/images/size/w600/2023/02/	73 KB 73 KB	122ms 121ms	Image image/png	2a04:4e42::775 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://labs.watchtowr.com/content/images/size/w600/2023/02/image-17.png Requested by Host: labs.watchtowr.com URL: https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42::775 , United States, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash b2eed1169a1faf6dd055196f9ed6ad2a6a84f13832c3eca071c3f1b2d8fc26e6 Request headers accept-language de-DE,de;q=0.9 Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers ghost-age 0 date Tue, 13 Jun 2023 12:03:27 GMT via 1.1 varnish age 363887 x-cache HIT status 200 OK alt-svc clear content-length 74246 ghost-fastly true x-request-id c7a4593a-fd1d-41d8-9b2e-61e2f2df1a86, c7a4593a-fd1d-41d8-9b2e-61e2f2df1a86 x-served-by cache-ams21081-AMS last-modified Fri, 09 Jun 2023 06:58:40 GMT server openresty x-timer S1686657807.423767,VS0,VE11 etag W/"12206-1889ef33b15" vary Cookie content-type image/png cache-control public, max-age=31536000 ghost-cache MISS accept-ranges bytes x-cache-hits 1
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012305252018001/v0/	8 KB 3 KB	171ms 57ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305252018001/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash df016b35ff09d1a2046c403d35dc8fa2e4cca755dd9a38f002bfd7f476c69675 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Origin https://labs.watchtowr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 06 Jun 2023 19:48:59 GMT age 576868 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2979 x-xss-protection 0 server sffe etag "42bc85b111d44f80" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 05 Jun 2024 19:48:59 GMT
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012305252018001/v0/	12 KB 4 KB	176ms 62ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305252018001/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83f68ded7ff0d910987e6155a269c3f32d2b4bb81b1e11b8360ca5724a034e9a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Origin https://labs.watchtowr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 06 Jun 2023 19:48:59 GMT age 576868 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3935 x-xss-protection 0 server sffe etag "0240120f64aa6df5" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 05 Jun 2024 19:48:59 GMT
GET H3	200	amp-lightbox-gallery-0.1.js Show response cdn.ampproject.org/rtv/012305252018001/v0/	65 KB 19 KB	56ms 56ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305252018001/v0/amp-lightbox-gallery-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c8c532f446997928cf92434a605b1db3d708527762ccd782cb266a60e87b566 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://labs.watchtowr.com/fortinet-and-the-accidental-bug/amp/ Origin https://labs.watchtowr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 06 Jun 2023 19:49:00 GMT age 576867 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19088 x-xss-protection 0 server sffe etag "6aab46dbaa4e6c55" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 05 Jun 2024 19:49:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
labs.watchtowr.com
2a00:1450:4001:800::2001
2a04:4e42::775
4c8c532f446997928cf92434a605b1db3d708527762ccd782cb266a60e87b566
5ab0620b5e3dabfb46eba7663feae9233ca1225e370a79a0cbe65c6a1addaae1
5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2
83f68ded7ff0d910987e6155a269c3f32d2b4bb81b1e11b8360ca5724a034e9a
a9cdf089f0bea75be26287bc63253a5348b22112986ef6fe6bf80ea933deb5ee
b2eed1169a1faf6dd055196f9ed6ad2a6a84f13832c3eca071c3f1b2d8fc26e6
dba1c596f2785886e854da7993f9e62f17831524432311f1776631ca100ae9f6
df016b35ff09d1a2046c403d35dc8fa2e4cca755dd9a38f002bfd7f476c69675