Submitted URL: https://t.co/wjadgYjHBB
Effective URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Submission: On October 16 via api from IN — Scanned from DE

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 155 HTTP transactions. The main IP is 104.197.16.226, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.horizon3.ai.
TLS certificate: Issued by R10 on September 18th 2024. Valid for: 3 months.
This is the only time www.horizon3.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.66.0.227 13335 (CLOUDFLAR...)
7 104.197.16.226 15169 (GOOGLE)
88 2400:52e0:1e0... 60068 (CDN77 _)
4 2a04:4e42:200... 54113 (FASTLY)
2 2a04:4e42:200... 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 18.66.102.11 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.33.187.74 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
3 34.237.219.119 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 34.120.220.80 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 151.101.193.140 54113 (FASTLY)
1 151.101.129.140 54113 (FASTLY)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
8 142.250.186.35 15169 (GOOGLE)
1 34.248.18.191 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 104.18.37.212 13335 (CLOUDFLAR...)
4 104.16.118.43 13335 (CLOUDFLAR...)
1 104.16.117.43 13335 (CLOUDFLAR...)
1 2600:9000:211... 16509 (AMAZON-02)
1 18.172.103.101 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 2 3.212.99.33 14618 (AMAZON-AES)
1 35.244.159.8 15169 (GOOGLE)
1 44.216.239.60 14618 (AMAZON-AES)
155 35
Apex Domain
Subdomains
Transfer
88 rocketcdn.me
p7i3u3x3.rocketcdn.me — Cisco Umbrella Rank: 974922
2 MB
8 gstatic.com
fonts.gstatic.com
233 KB
8 horizon3.ai
www.horizon3.ai
go.horizon3.ai
238 KB
5 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4482
ws-assets.zoominfo.com — Cisco Umbrella Rank: 11155
30 KB
4 clickagy.com
tags.clickagy.com — Cisco Umbrella Rank: 17248
aorta.clickagy.com — Cisco Umbrella Rank: 2541
hemsync.clickagy.com — Cisco Umbrella Rank: 16404
14 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
2 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
20 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 5671
4 KB
3 dreamdata.cloud
cdn.dreamdata.cloud — Cisco Umbrella Rank: 50534
43 KB
3 clickguard.com
io.clickguard.com — Cisco Umbrella Rank: 79855
pulse.clickguard.com — Cisco Umbrella Rank: 56202
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
307 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 945
13 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
2 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 8252
2 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 5653
4 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
132 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 516
295 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6755
171 B
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
545 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
17 KB
1 t.co
t.co — Cisco Umbrella Rank: 859
846 B
155 26
Domain Requested by
88 p7i3u3x3.rocketcdn.me www.horizon3.ai
8 fonts.gstatic.com www.horizon3.ai
7 www.horizon3.ai t.co
www.horizon3.ai
p7i3u3x3.rocketcdn.me
4 ws.zoominfo.com js.zi-scripts.com
ws-assets.zoominfo.com
4 cdn.jsdelivr.net www.horizon3.ai
3 js.zi-scripts.com www.horizon3.ai
js.zi-scripts.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 cdn.dreamdata.cloud t.co
cdn.dreamdata.cloud
3 www.googletagmanager.com www.horizon3.ai
www.googletagmanager.com
2 aorta.clickagy.com 1 redirects tags.clickagy.com
2 pulse.clickguard.com io.clickguard.com
2 region1.analytics.google.com www.googletagmanager.com
2 tracking.g2crowd.com t.co
tracking.g2crowd.com
2 pi.pardot.com t.co
pi.pardot.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 code.jquery.com www.horizon3.ai
1 hemsync.clickagy.com tags.clickagy.com
1 us-u.openx.net
1 insight.adsrvr.org js.adsrvr.org
1 js.adsrvr.org www.horizon3.ai
1 tags.clickagy.com www.horizon3.ai
1 ws-assets.zoominfo.com js.zi-scripts.com
1 go.horizon3.ai pi.pardot.com
1 content.hotjar.io script.hotjar.com
1 px4.ads.linkedin.com www.horizon3.ai
1 alb.reddit.com www.horizon3.ai
1 pixel-config.reddit.com www.redditstatic.com
1 www.google.de www.horizon3.ai
1 stats.g.doubleclick.net www.googletagmanager.com
1 io.clickguard.com www.googletagmanager.com
1 snap.licdn.com t.co
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.horizon3.ai
1 cdnjs.cloudflare.com www.horizon3.ai
1 t.co
155 35
Subject Issuer Validity Valid
t.co
E5
2024-09-28 -
2024-12-27
3 months crt.sh
www.horizon3.ai
R10
2024-09-18 -
2024-12-17
3 months crt.sh
*.rocketcdn.me
R10
2024-08-12 -
2024-11-10
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-06 -
2025-04-03
6 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-06-05 -
2025-06-04
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
clickguard.com
WE1
2024-09-08 -
2024-12-07
3 months crt.sh
cdn.dreamdata.cloud
WR3
2024-08-21 -
2024-11-19
3 months crt.sh
g2crowd.com
WE1
2024-08-21 -
2024-11-19
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.de
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-13 -
2025-04-11
6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
go.horizon3.ai
R10
2024-09-01 -
2024-11-30
3 months crt.sh
zi-scripts.com
WE1
2024-09-22 -
2024-12-21
3 months crt.sh
zoominfo.com
E5
2024-10-12 -
2025-01-10
3 months crt.sh
*.clickagy.com
Amazon ECDSA 256 M02
2024-08-22 -
2025-09-20
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Frame ID: B17E01D96E51F747D041775068F1B11E
Requests: 150 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=nnpwm2i&ref=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&upid=r539y9j&upv=1.1.0&paapi=1
Frame ID: 21256091175E55ADD6195497CB81DF13
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Palo Alto Expedition: From N-Day to Full Compromise – Horizon3.ai

Page URL History Show full URLs

  1. https://t.co/wjadgYjHBB Page URL
  2. https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

155
Requests

98 %
HTTPS

38 %
IPv6

26
Domains

35
Subdomains

35
IPs

5
Countries

3036 kB
Transfer

7251 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/wjadgYjHBB Page URL
  2. https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQKgLrFsxYFOrQAAAZKVeBHUhExQoqQeKG4Tk85eAu4zwl6xoRigVCRGOVgsCjAgwJLb6Nx0hWqF
Request Chain 151
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D

155 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wjadgYjHBB
t.co/
430 B
846 B
Document
General
Full URL
https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
67e0fb8e2434263af911d5e7fc7c0a61f9faa8c428f114b56236acfea20191f8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private,max-age=300
cf-cache-status
DYNAMIC
cf-ray
8d38514a2be74db0-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 13:15:25 GMT
expires
Wed, 16 Oct 2024 13:20:25 GMT
perf
7402827104
server
cloudflare tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
637f734166d9fa78d11ba970be784fa4697b269616f0f28c7c93364f480b8895
x-response-time
112
x-transaction-id
59facc9de5ad7ab8
x-xss-protection
0
Primary Request /
www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
472 KB
65 KB
Document
General
Full URL
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
988524b3eb63f91d1eb9a1dee01f9b3d6186f622e7315a47d31b20aef010bcaf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 16 Oct 2024 13:15:25 GMT
last-modified
Wed, 09 Oct 2024 12:48:05 GMT
link
<https://www.horizon3.ai/wp-json/>; rel="https://api.w.org/" <https://www.horizon3.ai/wp-json/wp/v2/posts/261986>; rel="alternate"; title="JSON"; type="application/json" <https://www.horizon3.ai/?p=261986>; rel=shortlink
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-tec-api-origin
https://www.horizon3.ai
x-tec-api-root
https://www.horizon3.ai/wp-json/tribe/events/v1/
x-tec-api-version
v1
x-xss-protection
"1; mode=block"
style.min.css
p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/
110 KB
16 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f69d-1b72b"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:45:33 GMT
content-type
text/css
cdn-cachedat
10/12/2024 17:25:37
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a16eba068a193d7a99f5f37e6bd2ddd7
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
aiwp-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/
98 B
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190c-62"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
203e8d74fece2d12d6078196cb8d75b1
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
cookie-law-info-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-c22"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
998efc923844f633f76f27049726b964
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
cookie-law-info-gdpr.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-6a71"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c922762265b994110ec03d3a6e9b854c
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
et-divi-dynamic-tb-260934-tb-4381-261986-late.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/
83 KB
10 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
a6fa4fd70eb16b5b84865862f147a578ea153fd33fa414b4f90b23d979dec616
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6c4-14d92"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:46:12 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728575168>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
602017490f86e22eaddd67396e2f1189
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/
152 KB
13 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
751a73d9a95700a13e0592a06cfa3680c9a50f8105bcc1332b4ed0b92dc78ca2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6629a9db-25f4a"
x-content-type-options
nosniff
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
112ffb3455cfc96fe9e341ed29fb7424
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/
70 KB
11 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-1196f"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
19404608a62782bb1428481bc4a5c008
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/
80 KB
18 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-140f1"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c54149cc6ed1b8b30c86667c5cb532fb
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/
86 KB
8 KB
Stylesheet
General
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.3.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d65fa445e89a329e393e914790b08f0b7cdb441f72fbe5d0fad0f43d92f2efee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/"6707f658-15859"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 10 Oct 2024 15:44:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
server
nginx
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/
422 KB
31 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fe676b7de732436eef5cc928e6ce2a5a87d51b34155753d343f88746c4bfb891
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-699d3"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9efa43f1136db6c9a68ea57c30b1283e
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
magnific_popup.css
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6b6-1946"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
503b5df48c0eff2db1352a0edd510efb
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
swiper.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-5865"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1e4f41a30f553ae7cbe01eb51cbcf7d9
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
popup.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-1389"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8dba9710d40836af03ca4c8f29d9c131
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
animate.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
83 KB
6 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-14d7b"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/12/2024 17:25:37
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1d3a7731682ce8d2a690e44609b0500a
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
readmore.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-6bd"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ccb7ebf8c321fdaee63b12dd837db206
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
jquery.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/
86 KB
32 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"64ecd5ef-15601"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
38a817f211efb3af9c35e6dc00b98b0b
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
jquery-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6482bd64-3509"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b53f79d2df9c8bb53478884d6b1e78df
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
aiwp-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/
913 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190c-391"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0797a6265ca0213013450a379c9bc641
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
cookie-law-info-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/
33 KB
9 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f652-8589"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
116cf269c42db7d8df370bbd65ef8257
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/
486 B
1 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.6.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f656-1e6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:22 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.6.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ea09ec62076f918a6c10d49176c03e63
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
divi-filter-loadmore.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/
8 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9db-2147"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/11/2024 11:26:19
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9bacb866199fe7ecf21de98b25e7df72
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
et-divi-customizer-global.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/
13 KB
5 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1728577874
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
85375eab1610513e2743d5ecc157320b210104dbb86b3daa5a174e0ae90c0dae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"67080152-3382"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 16:31:14 GMT
content-type
text/css
cdn-cachedat
10/15/2024 23:39:16
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1728577874>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
54d9c0b8e479ff560f565d0c82bcacc2
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
et-core-unified-tb-260934-tb-4381-deferred-261986.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/
79 KB
10 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
79649dc7389e7c9f43ab6f4610fd33b96798f406b71e31680764c072a1dcbcfd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6d9-13d95"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:46:33 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728575193>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a2c30fa62baeca321c6866b85f4ec4f4
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/
13 KB
14 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e1900-3214"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c4a3e7438f8e7c061df1658b1f727cf9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12820
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Horizon3ai_Logo_Bug_RGB.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/11/
20 KB
21 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/11/Horizon3ai_Logo_Bug_RGB.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
385825f3c978e51201237611398c837352a7cf4fc8f4dce0badef3871cad2dd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18fc-4f76"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:32 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/11/Horizon3ai_Logo_Bug_RGB.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
30f068f815bc4fffa556028ebf289a01
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20342
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
isometric-laptop-mockup.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/
470 KB
472 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/isometric-laptop-mockup.png
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0abb6b841ec88ed4a6de1540fd8f6cf921147c69a849a617989fab23f53b520c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66a52cb4-759ba"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/png
last-modified
Sat, 27 Jul 2024 17:21:56 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/isometric-laptop-mockup.png>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
52f8bff28274889646d9bec1168a7115
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
481722
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/
9 KB
10 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"65f085ad-2254"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b50a25407249a765844a4e60d93c9450
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
8788
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
entra_compromise_2-980x367.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"664bebe8-3bce"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Tue, 21 May 2024 00:33:44 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
453e93b01515f3cdc647776a53f0604c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15310
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/
470 B
2 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18f7-1d6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9b9df204fc5e48375cee3d32d18e0226
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
470
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
400x250-Award-2024-Cyber150.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/400x250-Award-2024-Cyber150.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
898d53081a3b7835eeaaf8c12d300b8c28b610d61f573056b44c5aad7ea3a76c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43063-3ce2"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 15:46:43 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/400x250-Award-2024-Cyber150.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7b21b6aecf4ec01c3e3e1f51e6bfd206
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15586
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
400x250-Award-Ascension2024.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/08/
12 KB
13 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/08/400x250-Award-Ascension2024.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6bf44386a20716649e91ceff27bb8824fa56b8d63de6e6502f9a0960ab529c83
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66b264a9-30e8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Tue, 06 Aug 2024 18:00:09 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/08/400x250-Award-Ascension2024.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8c799369c859fd91addca1b345fe92ef
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12520
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
400x250-Award-Intellyx-24.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/06/
19 KB
20 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/06/400x250-Award-Intellyx-24.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
8205d888f22bd7c24358689dc83a660090dc55d45f86ee9a4f521e135b56cc25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"665f2237-4c3c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Tue, 04 Jun 2024 14:18:31 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/06/400x250-Award-Intellyx-24.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
e965fd475f6b4911fd6673910ad9b5a6
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
19516
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/10/
95 KB
96 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/10/Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c82579181db2e7c0cc170f8cc483383dcdc29177a91abeec4ddd99f5fb067b4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"6706a0e7-17b68"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 09 Oct 2024 15:27:35 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/10/Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
5d6b736db0538e5674c98adffe46d212
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
97128
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
6 KB
7 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
adacf4458aa949a6b32939da6b9d319c147f4ac5e76960ff106a393bbea3b37d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43cef-1644"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:40:15 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8de4883165e3e7e41966387ea94b7317
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
5700
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
16 KB
17 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
7d3ef1a0879b370d8f13d97d76b995ab0106b3283f9312e329abd724c3aea1cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43e23-3f92"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:45:23 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b722f68c12cfd7effff357ddec0124b0
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
16274
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
13 KB
15 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
ab99447e2a3d73f045ab7579bb6e734f49abc4e046139c3afb336ecc76754b66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43fbd-353e"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:52:13 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f79d792527e6ce6351016de7a78dda83
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
13630
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
24 KB
25 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
d3be81811faf161b3a779e65166be4313bd33f08ec7841a2aa9fbc11edafb033
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44213-5eea"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:02:11 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
4740af9197f9b4abf56f45f865463090
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
24298
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
21 KB
22 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
1bf8ed7e87bfb6547e0c40b7ab6721c4f39f3fc60bac5ae463f12cd2198b2349
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44273-5206"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:03:47 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d1ce271f125fde15a51162a812245a0a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20998
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
17 KB
18 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b2749d534580075928305c8fbb8cc0224d2fbd87343438ecef42f0c8b0cdc980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f442db-4292"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:05:31 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
45d07c804d63f3ca35251555da152a22
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
17042
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
14 KB
15 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
7f129d679c333a252660449c1841035b697e85642d5617a7bcbcfabe02e2c069
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4432a-3716"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:06:50 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0590e7c2274253ec21e347909b16c5b5
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
14102
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
18 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
726143045da1bce502842c072048df39d9e49e9a4d0c448fdb13de55b964cea2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44363-4658"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:07:47 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f0babdc6c5439e51e124a1cefe163105
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
18008
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
29 KB
31 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
159e251000e49e115bfc34826f374f10a0b48eb8b0c6e1f2677856919e90c02a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f443bb-75ca"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:09:15 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
491325feeda7b26370801360f10a073c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
30154
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
12 KB
14 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
c4e1638e8764c786a6a14eb7e96ebfb8589ac187691b5e0bc9f4fda7c1492ab4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4440c-313c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:10:36 GMT
cdn-cachedat
10/12/2024 18:25:56
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d4b14d4840a1cc679e619904c47878a7
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12604
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
9 KB
10 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
449706de74ec55e3197ad93625d95d369ec29e034847695cbf3b674500d0aaa7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44463-2280"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:12:03 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b472b0c4363d67128afa35db9c0360eb
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
8832
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
14 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f69948dfcbd3dcd9200b96c07e77683d542b716df21afd4a1696c47b2e6462ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44589-3912"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9d9e67976fde5c0e9f1403b35f614248
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
14610
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
22 KB
23 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
bfa10318adf08d448ae42a0a02e1f0264f90a39a537f4e1f4fd6cee4b17af1a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f445f9-57e6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:18:49 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7ca1c8595b048cf03e3b3575bbcbee87
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
22502
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
18 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6a3b8f0bc82438614757559760af1e72d2bb121b7a178069e9ea17af37ca9727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f46f77-4654"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:15:51 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d5cf11bbe2a6f937382d75ae1fb5616e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
18004
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
24 KB
25 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
55e13c57cc149af08d7bf2725cc8d788814aa4d8a6533d5cf3501af1a67e8687
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4727a-6006"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:28:42 GMT
cdn-cachedat
10/12/2024 10:53:11
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9a96b3685276fe1bdb972e148fb9f9d6
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
24582
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
29 KB
31 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
bf05a9aab699f4d6b5a8cc679efe50ae7562e9635b1d2a3a5e6fdc31abc54ba1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b262-74e8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:13:38 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ad01dd89321d1730ac572e8b7e3be02b
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
29928
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
58 KB
59 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5caa03f2cf0f0dfcf01c3b7eb5d3e3e9204a67d40987bf6429bf2ce5266f951d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b2bf-e7bc"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:15:11 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
5f43061ac56a805d286e9b1516dcd4c9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
59324
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
31 KB
32 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b17e75595f8c188bffef259c2ae6017a14b232c2f1833010224fc50683243738
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b329-7afa"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c2f6cdcd2405561701406df27c3016ad
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
31482
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
36 KB
38 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f94790aaef69319d75608143a96875a210ec95d7267af50752b725bb6b6a081c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b382-9180"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:18:26 GMT
cdn-cachedat
10/12/2024 10:53:11
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1600dcc590c0f98458ada2137c7a6c4a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
37248
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
19 KB
20 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f01fc7491b03e36f48623cbf87cbe09be93cd1280232a32de0d07ae66ac9dca6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b3ee-4af4"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:20:14 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ee492a783a978ca2ef562a2307b870dd
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
19188
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
28 KB
29 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f653c580a161c53dac7b5e8f1c76ba8b03b3683b4ff48e5d0ebd3f7087b44229
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b486-70c0"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:22:46 GMT
cdn-cachedat
10/10/2024 17:44:02
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
46713e1dca216b7f01944c74fc906047
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
28864
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
38 KB
39 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6ef0799d97f6b9d6b1cb61f5e2962b7778165a99e3fdcdd93e56a7f3514ac659
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b4d2-9720"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:24:02 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
54a9c1f4078375ca38e1966b3d25b0cb
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
38688
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
17 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
cd6259ec59126338f11a9b28a330a866a58a7f169e6ec4f93622672e5332d016
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5714b-44f8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 14:35:55 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
5cb9532d3138e6d10ba106f4e57e2108
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
17656
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2a68d702f2d1190671d9591ab1623372c776df8e002b1cf9ffc020b29da39d92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4757a-3b3c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:41:30 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f16967b4d77e97fc69d6173c6ccba0f5
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15164
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
20 KB
21 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
7b898b6a4c55324c6c8d31fc29867d4ab4d554819b8fd2dbb80960af1323eab7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f588f9-50b6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 16:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
4a329b91b8010f38dea7f3e92bada128
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20662
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
streamlinehq-cog-approved-interface-essential-100.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/
1 KB
3 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18fd-5b6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
cdn-cachedat
10/14/2024 18:27:01
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a247712ec0f6111bfba0e02d9df9ba22
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
1462
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
logo-cookieyes.svg
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/
3 KB
2 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f652-a15"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/11/2024 10:20:45
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
961cc74f1ab3047e09260aa9269c9f40
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
mediaelementplayer-legacy.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
11 KB
4 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"5f735862-2bf8"
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
content-type
text/css
cdn-cachedat
10/11/2024 10:16:35
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1f59d92cb1a1728c6f3ed1f82ce83394
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
wp-mediaelement.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
4 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"5cfaccce-105a"
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ac1cb8e65f4f1406d72d04a4bfe380b8
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
bootstrap.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-35dd"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a83747b3c3efea16735e941a6ceacc5f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/
8 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
age
12772
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220090-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1754
x-jsd-version
3.1.0
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/hot-sneaks/
36 KB
9 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.13.2/themes/hot-sneaks/jquery-ui.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
etag
W/"28feccc0-8fc4"
age
3653704
x-cache
HIT, HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/css
vary
Accept-Encoding
x-cache-hits
7875, 7
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21942-LGA, cache-fra-etou8220138-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729084526.412909,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
8576
server
nginx
cookie-law-info-table.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-17e1"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:26 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3ed5a2bd3c00d7d6ef2382cb9b57b75c
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
scripts.min.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/
268 KB
61 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6af23fd5d68900400e981906d4bf799efb94d589616b846112f9e2684274c692
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-42f9f"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
be2a5f8b62d3dd5ff4221f5bcf45c82e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
jquery.fitvids.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-d15"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8133f6da67b3737fe7200ff9e48c27a7
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
comment-reply.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/comment-reply.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"625095f6-ba5"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/comment-reply.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9ac4e942909c641189a7713e23dc8459
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
jquery.mobile.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
8 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-1f18"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
adea20957980886b10ea2ed9c936c98a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
22 KB
10 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
22a7ae46aefb3325e3e2761085d7b2ea2cda8dc351cf391a62918bb09784f693
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-5700"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
6180ca69f8692f4a78a5663972353395
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
easypiechart.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
9 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-2466"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3b9afebe8c7d0c5246cf0606663c43cc
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
salvattore.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
8 KB
5 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-217e"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f4b40b08e78a393db399f7f472bf7bbd
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/
699 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9db-2bb"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0d3d1f1773276aa8475128fc75acdb51
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/
35 KB
8 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190c-8dee"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0df756d73d8136d8aae4579a57452d38
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/
733 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190b-2dd"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8631767b5582ac5eadbba39c11d08103
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
new-tab.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/
34 KB
14 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9e1-8687"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 25 Apr 2024 00:54:57 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/12/2024 20:57:08
link
<https://www.horizon3.ai/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9576089dea3a832122d406716577868f
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
common.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-53f"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
4f86d1302a76200bbf2bafb99a9ed6d6
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
script.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/script.js?ver=1.4.4
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
a1fc4d2a1d472a69f0736655a1de5a136b9daad166b23b065c96facb834b3724
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"66673745-4f8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Mon, 10 Jun 2024 17:26:29 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/script.js?ver=1.4.4>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
64223efe1cac3400e5daf21e3662b6ff
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
mediaelement-and-player.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
154 KB
39 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6335a9d7-26935"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 29 Sep 2022 14:21:11 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7ba195e1e2c95ec593bd8b84a0a6ffdf
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
mediaelement-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"625095f6-4a7"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/15/2024 23:39:17
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c6cb5f8d0b5a89723aadfe0005719d27
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
wp-mediaelement.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"63e275aa-453"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Tue, 07 Feb 2023 16:00:42 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
62618920400772c571be29b1059d1661
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
10e5a9648bd0457bae09fdcd63aae1cd6448fc05f3c2aa091cd6ba7c17e162f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-cc2"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8851a3028a6b58e96bf8e098844d0b20
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
jquery.magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/
21 KB
9 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/jquery.magnific-popup.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
00bd70a9e2b51ce68971a89a29d07b1e06e49a5d1e71c6a44d1a7ccb41828095
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-5251"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/jquery.magnific-popup.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3e8074e8cf0e3555f47c36e79cedf5a9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
swiper-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/
142 KB
40 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-239c1"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1bfa51503c6671c5e99b4aea6b89d9a5
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-a85"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/14/2024 18:27:01
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
2ad9836b7fc903c75e231ba99f6e5493
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"62c614dc-41c5"
age
505938
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oDRIVZ9xaDne6m3UkIn%2Bb%2FXPWJik4dLl1SXf%2BnRmucleVdgFNjl2VFbBXj%2BkBrLrwQRhSNPLbOO2iAiO211MC53s3wIZd5zzTyJ519JEaJIPIeINItHnxQLXMzS6z%2Bg68gAk20lx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 13:15:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d385151cb8165bc-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16837
server
cloudflare
daterangepicker.min.js
cdn.jsdelivr.net/npm/daterangepicker/
32 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
age
10869
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220090-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
7106
x-jsd-version
3.1.0
jquery-ui.js
code.jquery.com/ui/1.13.2/
517 KB
124 KB
Script
General
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
etag
W/"28feccc0-81307"
age
1310767
x-cache
HIT, HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
60, 56091
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21926-LGA, cache-fra-etou8220138-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729084526.413027,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
126267
server
nginx
loadFilter.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/
44 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/loadFilter.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"b08f-hyuFhPhDAFE5gn7UWPXhS1S5p0w"
age
22009
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220090-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6186
x-jsd-version
2.7.6
loadmore.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/
31 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/loadmore.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7b9e-g8xMzqvVKM5J7uC4u0KIn/Wvuw4"
age
34650
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220090-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4509
x-jsd-version
2.7.6
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/
8 KB
3 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.3.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
6c742dbd1b71338da108a257be31d23bdde0a67b20440548db9ea70660bc7430
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f658-2075"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:44:24 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.3.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
71cb5a1cce5e0452708f78ac3561a7e6
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
motion-effects.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
154 KB
39 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
21299aa0cfccae6adfc1fdc2d6dfd6895c47f6f8b714b2683df914f9b5b485a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-26902"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d16825fb621218f395a108ae31730875
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
sticky-elements.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
204 KB
57 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
b24aa7e74310a0cc0723f431099e76ab2dddbde19a580b3c3da79d88a80e6893
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-330a1"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/14/2024 13:26:44
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3349331b53e6ed63b519f8a9e8699580
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
hotjar-5039807.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-5039807.js?sv=6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
c388681430c8e4e4d59313f3c6e965f66d940081e80f0d93239bc53cdc45e2f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/223dbd2aeb2f7b9289042ebb7ed952ef
age
19
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
Yz76i4KySP9Nq4nP11uTjN7t8Sz7wjkjup3sixNkc-C9IUQ5BpDBiQ==
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
gtm.js
www.googletagmanager.com/
295 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f6779772f1d80c2c9afb89bae9b0e94a4974d5c2a6c9d344c82efbb8ac3b057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 16 Oct 2024 13:15:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103446
x-xss-protection
0
server
Google Tag Manager
et-divi-dynamic-tb-260934-tb-4381-261986-late.css
www.horizon3.ai/wp-content/et-cache/261986/
201 KB
20 KB
Stylesheet
General
Full URL
https://www.horizon3.ai/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
144285e8182c3c3f25bf4992fbd3bf2e790369b48ad7e65cde3d9a2f9937ad2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/"6708187b-32497"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 10 Oct 2024 18:10:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
server
nginx
modules.02161fb4f8ebb73fb3f8.js
script.hotjar.com/
225 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5039807.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-robots-tag
none
content-encoding
br
etag
"dec0c1b6789c165b6cb6404022b9d8ab"
age
191360
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kg6WvgjVqe8EL1d2JjK4imYvRqAsiRGrfycoZVW5k6Y7lIlwozjPPg==
date
Mon, 14 Oct 2024 08:06:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 14 Oct 2024 08:05:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 6ee264f4aa2ef518b13a5a8305e8080e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56680
x-amz-cf-pop
FRA60-P9
js
www.googletagmanager.com/gtag/
344 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48b682b29c100125a4f2214c6b4d9dc4457a46a13cdf8fddb150909c3e8577ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 16 Oct 2024 13:15:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112447
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
276 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10792903506&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a21969523ca47a16ddc6a5582469af4a265aff3eb1504e27a0b9fcc6428afd11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 16 Oct 2024 13:15:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96823
x-xss-protection
0
server
Google Tag Manager
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=63072000
content-encoding
gzip
etag
"15f4-gzip"
Connection
keep-alive
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
expires
Fri, 16 Oct 2026 13:15:26 GMT
accept-ranges
bytes
Content-Length
1988
Date
Wed, 16 Oct 2024 13:15:26 GMT
Content-Type
application/javascript
last-modified
Tue, 15 Oct 2024 17:17:28 GMT
vary
Accept-Encoding,User-Agent
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=63962
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 16 Oct 2024 13:15:26 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
PLwGhTJP
io.clickguard.com/s/cHJvdGVjdG9y/
8 KB
3 KB
Script
General
Full URL
https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5191fd064a8bd4901db0b5b36504c03da6a6d2e31f269a55d9ac966016cc196b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
CF-Cache-Status
DYNAMIC
etag
W/"1eaf-ElVWbbkV9vF5s7hhzyCCJRZTRM4"
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUYdXN%2Bi99%2BHi2qOtUhVs3opYU91gDqPWdxSZclYWddXbf%2FPrMQuyXWLrYat%2FS1mIEqMcP4Rasu8woZqncATJxGY59W1az%2BfMRYbjl9QitYWKJPZ3%2FKTrVuRLG889T8W7wLMNVHey%2Fmq9ql5mAl6"}],"group":"cf-nel","max_age":604800}
via
1.1 google
CF-RAY
8d3851536bc619b3-FRA
access-control-allow-origin
*
Date
Wed, 16 Oct 2024 13:15:26 GMT
Content-Type
application/javascript; charset=utf-8
x-powered-by
Express
Server
cloudflare
dreamdata.min.js
cdn.dreamdata.cloud/scripts/analytics/v1/
127 KB
38 KB
Script
General
Full URL
https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=9JeVgg==, md5=WgwkKCkgGoD0mNSVnYPr/A==
etag
"5a0c242829201a80f498d4959d83ebfc"
age
110
x-goog-stored-content-encoding
gzip
expires
Wed, 16 Oct 2024 13:43:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39064
date
Wed, 16 Oct 2024 13:13:36 GMT
last-modified
Tue, 19 Dec 2023 15:12:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3RmWxSIjCnNyPxyQ-QQ3COVzRqFtTcmzI6H3ZwxUfaoNb67rwnP9wmt8Tth_iG45lgMpinsrckuxzfIB0
strict-transport-security
max-age=63072000;includeSubdomains
cache-control
public,max-age=1800
x-goog-storage-class
STANDARD
referrer-policy
origin
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1702998729480704
content-length
39064
server
UploadServer
identify-form.min.js
cdn.dreamdata.cloud/scripts/identify-form/v1/
20 KB
5 KB
Script
General
Full URL
https://cdn.dreamdata.cloud/scripts/identify-form/v1/identify-form.min.js
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
66c5889779331f1942f8bf56933acbab2f3c264c7e77f367795a8cb04506e9ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=5dIwaw==, md5=impdbDppdNC8N+U3EJYhRg==
etag
"8a6a5d6c3a6974d0bc37e53710962146"
age
45
x-goog-stored-content-encoding
gzip
expires
Wed, 16 Oct 2024 13:44:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4325
date
Wed, 16 Oct 2024 13:14:41 GMT
last-modified
Fri, 12 Apr 2024 10:25:35 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3eiocIfV2X7pnj0AaDJwPT53idvRio7vsgNnhydbluXFi2eq2SfDIa5x837g_S9JUKyEgFO96ooA
strict-transport-security
max-age=63072000;includeSubdomains
cache-control
public, max-age=1800
x-goog-storage-class
STANDARD
referrer-policy
origin
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712917535471168
content-length
4325
server
UploadServer
1018520.js
tracking.g2crowd.com/attribution_tracking/conversions/
2 KB
2 KB
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1018520.js?p=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&e=
Requested by
Host: t.co
URL: https://t.co/wjadgYjHBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592f7197a0be2403b00faee4497dd6f88a553191138f9c81db3e83b549dadf09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/javascript;charset=UTF-8
content-disposition
inline
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8d38515388063a79-FRA
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je4ae0v889089095z8852319646za200zb852319646&_p=1729084526319&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=563089599.1729084527&ecid=1949405503&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729084526&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&dr=https%3A%2F%2Ft.co%2F&dt=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1346
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.horizon3.ai
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
545 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V462VSRXXS&cid=563089599.1729084527&gtm=45je4ae0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.horizon3.ai
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V462VSRXXS&cid=563089599.1729084527&gtm=45je4ae0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=1247403
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 16 Oct 2024 13:15:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
config
pixel-config.reddit.com/pixels/t2_rwb6eefi/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_rwb6eefi/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/json
t2_rwb6eefi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_rwb6eefi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
97
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1729084526784&id=t2_rwb6eefi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=910081ec-a1f4-49d8-a6c3-37fab9614f7d&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
image/gif
server
Varnish
p
cdn.dreamdata.cloud/api/v1/
16 B
33 B
XHR
General
Full URL
https://cdn.dreamdata.cloud/api/v1/p
Requested by
Host: cdn.dreamdata.cloud
URL: https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

strict-transport-security
max-age=63072000;includeSubdomains
referrer-policy
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
a990bbdd4431b8072b204683d77675ad
server
Google Frontend
attribution_trigger
px.ads.linkedin.com/
2 B
813 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
00062497dd055fbe68f2b7168544249d
x-msedge-ref
Ref A: 7B5B906F38E34328810B4891DAFC8345 Ref B: FRAEDGE1211 Ref C: 2024-10-16T13:15:26Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYkl90FX75o8rcWhUQknQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQK...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQKgLrFsxYFOrQAAAZKVeBHUhExQoqQeKG4Tk85eAu4zwl6xoRigVCRGOVgsCjAgwJLb6Nx0hWqF
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4B1C3F3C33094DFA91FC40CFB992F1B5 Ref B: DUS30EDGE0819 Ref C: 2024-10-16T13:15:27Z
x-li-fabric
prod-lor1
x-li-uuid
AAYkl90LoDgSTFG1ddyIuw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 16 Oct 2024 13:15:26 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084526834&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQKgLrFsxYFOrQAAAZKVeBHUhExQoqQeKG4Tk85eAu4zwl6xoRigVCRGOVgsCjAgwJLb6Nx0hWqF
x-msedge-ref
Ref A: 856E495374A441FDAC8A6A5D399ED15F Ref B: DUS30EDGE0818 Ref C: 2024-10-16T13:15:26Z
x-li-fabric
prod-lor1
x-li-uuid
AAYkl90Fh/OeLNJlXNtxyw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 16 Oct 2024 13:15:26 GMT
assign
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Ping
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1018520.js?p=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWsVXAdVYijPbghIZ
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

Red-Team-Blog-BG.jpg
www.horizon3.ai/wp-content/uploads/2022/10/
51 KB
52 KB
Image
General
Full URL
https://www.horizon3.ai/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881

Response headers

etag
"651e18fd-cdcc"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:27 GMT
content-type
image/jpeg
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
52684
x-xss-protection
"1; mode=block"
server
nginx
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
34571
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:16 GMT
last-modified
Thu, 29 Jun 2023 16:13:30 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25500
x-xss-protection
0
server
sffe
modules.woff
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/
10 KB
11 KB
Font
General
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803

Response headers

etag
"6707f6b6-2850"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:27 GMT
content-type
font/woff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
10320
x-xss-protection
"1; mode=block"
server
nginx
fa-solid-900.woff2
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/
78 KB
79 KB
Font
General
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803

Response headers

etag
"6707f6b6-139ac"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:27 GMT
content-type
font/woff2
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
80300
x-xss-protection
"1; mode=block"
server
nginx
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
34744
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:36:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:36:23 GMT
last-modified
Thu, 29 Jun 2023 16:17:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25656
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
128720
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 01:30:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 01:30:07 GMT
last-modified
Thu, 29 Jun 2023 16:18:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25320
x-xss-protection
0
server
sffe
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=5039807&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.248.18.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-18-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e28f635eeae21b022303aa4fdb07a9fa4a0fb67402fc99552b1ccd1b48b45212

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Wed, 16 Oct 2024 13:15:27 GMT
content-type
application/json
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
400014
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 11 Oct 2025 22:08:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 22:08:33 GMT
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23316
x-xss-protection
0
server
sffe
modules.woff
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/
90 KB
91 KB
Font
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"6707f6b6-167b4"
x-content-type-options
nosniff
content-type
font/woff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
cdn-cachedat
10/10/2024 15:46:51
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
accept-ranges
bytes
content-length
92084
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:27 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
706700de413607eea843ff40e66a1d26
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUz.woff
fonts.gstatic.com/s/rubik/v28/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
bd36dfbd26f0a08907b7e0ebd088ee1bcba672d77655947144fa6c150afc40e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
33672
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:54:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:54:15 GMT
last-modified
Thu, 29 Jun 2023 16:18:08 GMT
content-type
font/woff
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32444
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
fonts.gstatic.com/s/rubik/v28/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
33455
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:57:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:57:52 GMT
last-modified
Thu, 29 Jun 2023 16:13:31 GMT
content-type
font/woff
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32848
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/
67 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
869d26755acd4c1683b650f96b45263ab89ea0ef5c3866e61345cc61d07b336c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

content-encoding
gzip
age
34633
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:38:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:38:14 GMT
last-modified
Thu, 29 Jun 2023 16:18:07 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36588
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/
68 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

content-encoding
gzip
age
113563
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 05:42:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 05:42:44 GMT
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37076
x-xss-protection
0
server
sffe
/
px.ads.linkedin.com/wa/
0
196 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D9A8DE6E168645F9A200FAE74EB5EA30 Ref B: DUS30EDGE0818 Ref C: 2024-10-16T13:15:27Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYkl90Q/j08/amw8YqLJA==
x-li-proto
http/2
access-control-allow-origin
https://www.horizon3.ai
x-cache
CONFIG_NOCACHE
date
Wed, 16 Oct 2024 13:15:27 GMT
vary
Origin
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&referrer=https%3A%2F%2Ft.co%2F
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
22c50ab925b4488b3d254eb9272494f6ea28a5dcbac695cedb812f1fa94e28ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
535
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Wed, 16 Oct 2024 13:15:28 GMT
Content-Type
text/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/
0
592 B
XHR
General
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvuRxHkb3Kd6aAWq5cvfdWm8Z%2BGxvnn2QyeCeMI9qtAJAWIgrGaJIn6Tq1RZKfPhZYIt6uEvoAnxAz2IX5GReNDO7POlYDIVC2CSU0Ccd7WoizNP%2FMYmem3LFv9GocuSjqHLYo%2FL0ETi73%2FCfpfBOytk"}],"group":"cf-nel","max_age":604800}
via
1.1 google
CF-RAY
8d38515bca5e6909-FRA
access-control-allow-origin
*
Content-Length
0
Date
Wed, 16 Oct 2024 13:15:28 GMT
x-powered-by
Express
Server
cloudflare
PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ Frame
0
0
Preflight
General
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8d38515ac95e6909-FRA
Connection
keep-alive
Content-Length
0
Date
Wed, 16 Oct 2024 13:15:27 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BvS6tZtdpRTvFREo33qLrEy2uIQ2nfrx41%2BSBbWh182AAP0jXyhzXjd2paYePJ%2B1pla722aV9ImPclgElpUbw8dN%2FVBm6F32CwxQIrdtaswbEvwCijDRCpYaClU4dgQd1C0DYJN4%2FO3gGW%2Fg7pYu2XY"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
analytics
go.horizon3.ai/
50 B
1020 B
Script
General
Full URL
https://go.horizon3.ai/analytics?conly=true&visitor_id=141062740&visitor_id_sign=82454874d8a9360635d18e5c1b9e854bd2d4c4d7091d1f288ebe544f8cc763f405973ac57dc6210f06ecec285c9d5bc0eac0d18a&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition:%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&referrer=https://t.co/
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&referrer=https%3A%2F%2Ft.co%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-pardot-rsp
0/0/1
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
50
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date
Wed, 16 Oct 2024 13:15:28 GMT
Content-Type
text/javascript; charset=utf-8
vary
User-Agent
zi-tag.js
js.zi-scripts.com/
9 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-version-id
PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
etag
W/"b2877da906a3216c4f3fc4030b205e54"
age
39338
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gmQjmot0_MR_nYGY60QfcyqnZtXLa3VsqdGPaycyUBJeQCfBiFr4zQ==
date
Wed, 16 Oct 2024 13:15:28 GMT
content-type
application/javascript
last-modified
Thu, 18 Jul 2024 08:13:46 GMT
vary
Accept-Encoding
server-timing
cfExtPri
via
1.1 b09c8a20b29053a362f3c1085a0f8990.cloudfront.net (CloudFront)
cf-ray
8d3851617d2bca70-HAM
x-amz-cf-pop
MRS52-P5
server
cloudflare
admin-ajax.php
www.horizon3.ai/wp-admin/
5 KB
2 KB
XHR
General
Full URL
https://www.horizon3.ai/wp-admin/admin-ajax.php
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e1b2235641cb8b0030af5cbc534d7c3c8ca99bb8a0ffe6be0f9fb4dd7a0912ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Wed, 16 Oct 2024 13:15:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
https://www.horizon3.ai
content-length
871
x-xss-protection
"1; mode=block"
x-powered-by
WP Engine
server
nginx
cropped-favicon-32x32.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/
2 KB
3 KB
Other
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 / RocketCDN - b
Resource Hash
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e1904-78c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:28 GMT
content-type
image/png
last-modified
Thu, 05 Oct 2023 02:01:40 GMT
cdn-cachedat
10/10/2024 17:53:09
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2021/06/cropped-favicon-32x32.png>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f49b5b7a33f924786c9260efae783c5e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
1932
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
getSubscriptions
js.zi-scripts.com/unified/v1/master/
203 B
601 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d8a0fdac0d87ed5f11db9c0e82067c002e6b246e0229708961c5cca540ad2c53

Request headers

Authorization
Bearer 91ee87a5431669218673
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
visited_url
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"cb-3a2wabAtg+cJMFRyihQLZUjplQ8"
apigw-requestid
fvphyhHvPHcEPqQ=
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
K6EoN6Sxn6dlcfV7fbNEZZ5kyAvoXKtobK25EtcFQwF6-HvRohR3ng==
date
Wed, 16 Oct 2024 13:15:29 GMT
content-type
application/json; charset=utf-8
vary
Origin
server-timing
cfExtPri
via
1.1 3a44dad7e9e127d6bbe2dd7957b682d8.cloudfront.net (CloudFront)
cf-ray
8d385163bd79cacd-HAM
access-control-allow-origin
https://www.horizon3.ai
x-amz-cf-pop
MRS52-P5
x-powered-by
Express
server
cloudflare
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.horizon3.ai
alt-svc
h3=":443"; ma=86400
apigw-requestid
fvphui9hPHcES_Q=
cf-cache-status
DYNAMIC
cf-ray
8d3851624b8fcacd-HAM
date
Wed, 16 Oct 2024 13:15:29 GMT
server
cloudflare
server-timing
cfExtPri
vary
Origin
via
1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront)
x-amz-cf-id
ObxlmcnOWn7XYesymXNmFrsrsJdT03_yetSvjcW_tqeMN7-TYfiyyw==
x-amz-cf-pop
MRS52-P5
x-cache
Miss from cloudfront
x-powered-by
Express
/
ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.horizon3.ai
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d385166bc45dc60-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 13:15:29 GMT
server
cloudflare
server-timing
cfExtPri
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
formcomplete.js
ws-assets.zoominfo.com/
90 KB
27 KB
Script
General
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
cf-cache-status
DYNAMIC
etag
W/"006455bd44ed289ddcc403d0ecd96ab0"
age
1340
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Wed, 16 Oct 2024 13:53:09 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
91778
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:15:29 GMT
content-type
application/javascript
last-modified
Thu, 16 May 2024 10:14:37 GMT
x-guploader-uploadid
AHmUCY2sLWlmuBB7jeNFevPgqMSeXSO9HLEDHzXvN1oAyg1UHujErGXt6uTxSyWjYUbZqqojvJbh8INWGg
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
cf-ray
8d385166adadbbda-FRA
x-goog-generation
1715854477710382
server
cloudflare
/
ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/
5 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a369c6ddffa2a9c9efb1481b58dceec494704c214b9a70a9907da09dd9d83f82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

_zitok
54267c5ba35aab0168301729084529
_vtok
MjE3LjExNC4yMTguMjE=
visited-url
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
text/javascript
vary
Accept-Encoding
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d385167eb272be6-FRA
access-control-allow-origin
https://www.horizon3.ai
x-powered-by
Express
server
cloudflare
forms
ws.zoominfo.com/formcomplete-v2/
2 B
363 B
Fetch
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Authorization
bearer dddfc8155a8b4c46fae3f17128d0bf
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d3851684b962be6-FRA
access-control-allow-origin
https://www.horizon3.ai
content-length
2
x-powered-by
Express
server
cloudflare
forms
ws.zoominfo.com/formcomplete-v2/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.horizon3.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.horizon3.ai
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d3851673dc9dc60-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 13:15:29 GMT
server
cloudflare
server-timing
cfExtPri
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
a5687f80-9928-414c-959c-d6f2e7746873
https://www.horizon3.ai/
5 KB
0
Script
General
Full URL
blob:https://www.horizon3.ai/a5687f80-9928-414c-959c-d6f2e7746873
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a369c6ddffa2a9c9efb1481b58dceec494704c214b9a70a9907da09dd9d83f82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
Content-Length
4862
data.js
tags.clickagy.com/
36 KB
13 KB
Script
General
Full URL
https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by
Host: www.horizon3.ai
URL: blob:https://www.horizon3.ai/a5687f80-9928-414c-959c-d6f2e7746873
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
429e6cab64539f15ca1c33984a782a42b43c0f02dba4cc4009f322f89fac9492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/"2ac14c18b84a1d8b7e645922aeff9e5b"
x-amz-version-id
IA_xxjAGlNIXOVlzxUwJZwRAUV0GLAv1
age
4756
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8ytpgq-3P-6NHOIfpaPbSSw9MTwEDDQlaV_nigFPLD89JKLaK4r7yg==
date
Wed, 16 Oct 2024 11:56:15 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 01 Oct 2024 15:11:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
up_loader.1.1.0.js
js.adsrvr.org/
51 KB
13 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.horizon3.ai
URL: blob:https://www.horizon3.ai/a5687f80-9928-414c-959c-d6f2e7746873
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
W/"c344dc53c8de38f6fc7ffc8afeeeee6e"
Age
22544
Connection
keep-alive
Via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
t_lgRVVOoXo6WMtzklCrI1e9Ocqy4Hs-PleTDk3po3nAqLyOwAVFgw==
Date
Wed, 16 Oct 2024 06:59:47 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 15 Oct 2024 06:56:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
x-amz-server-side-encryption
AES256
up
insight.adsrvr.org/track/ Frame 2125
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=nnpwm2i&ref=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&upid=r539y9j&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Wed, 16 Oct 2024 13:15:30 GMT
server
Kestrel
data
aorta.clickagy.com/
57 B
506 B
XHR
General
Full URL
https://aorta.clickagy.com/data
Requested by
Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.99.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-99-33.compute-1.amazonaws.com
Software
Aorta/20241010.2abbd14b2 /
Resource Hash
11ad7e73c947b776e52aa20333ad9b2013b502110a9f22838226c15dd4fff639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
expect
0
content-encoding
gzip
access-control-allow-credentials
true
x-aorta-region
us-east-1
access-control-allow-methods
POST, GET, OPTIONS
x-aorta-host
d4daa9e320e2
access-control-allow-origin
https://www.horizon3.ai
content-length
82
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
application/json
server
Aorta/20241010.2abbd14b2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
cm
us-u.openx.net/w/1.0/
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
43 B
295 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
private, max-age=0, no-cache
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
56
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
server
OXGW/0.0.0

Redirect headers

access-control-max-age
31536000
access-control-expose-headers
Set-Cookie
location
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
expect
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
access-control-allow-methods
POST, GET, OPTIONS
x-aorta-host
e581994a5ab2
access-control-allow-origin
*
content-length
0
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
application/json
server
Aorta/20241010.2abbd14b2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
hasHashes
hemsync.clickagy.com/external/
2 B
326 B
XHR
General
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by
Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.239.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-239-60.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
content-length, last-modified, expires, content-type
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://www.horizon3.ai
content-length
28
date
Wed, 16 Oct 2024 13:15:30 GMT
content-type
text/plain; charset=utf-8
vary
origin
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je4ae0v889089095za200zb852319646&_p=1729084526319&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=563089599.1729084527&ecid=1949405503&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729084526&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&dr=https%3A%2F%2Ft.co%2F&dt=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&en=scroll&epn.percent_scrolled=90&_et=46&tfd=6401
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.horizon3.ai
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:31 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERENCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE object| loadmore_ajax_object function| hj object| _hjSettings object| elm object| dataLayer function| sixteenNine object| zi string| ZIProjectKey object| et_animation_data object| tribe_l10n_datatables function| getParam function| getExpiryRecord function| addGclid function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data function| rdt string| piAId string| piCId string| piHostname string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| iframeSelector string| gaEventName object| analytics object| __DD_TEMP_ANALYTICS__ object| script function| updateUrlWithUid function| onYouTubeIframeAPIReady object| gaGlobal function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars function| redditNormalizeEmail object| salvattore object| addComment object| DiviBlogExtrasFrontendData object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| wp function| Swiper function| autoIdentify object| JSON3 function| setImmediate function| clearImmediate string| Integration function| normalize boolean| _already_called_lintrk function| moment function| daterangepicker object| _0xf102 function| _0x20fb object| CG function| _cg_convert function| cg_convert object| eventFeeddecm_event_display_0_tb_header object| et_pb_motion_elements object| et_pb_sticky_elements object| ET_Builder object| ET_FE object| ET_FB function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init string| currentText string| categoryCookie object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms function| et_pb_slider_init function| et_pb_image_lightbox_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_init function| et_pb_reinit_circle_counters function| et_pb_circle_counter_update function| et_pb_reinit_number_counters function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| ORIBILI function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse function| et_pb_init_woo_custom_button_icon string| waypointContextKey object| zitag object| ZILogs function| loadZILogs function| errorHandler object| _zi_fc object| regeneratorRuntime object| _zi object| ziws object| ttdEl object| loaderEl function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| _uid2SdkListenerLock function| setupUid2Sdk function| _initClickagy

31 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: cd4ba4e3-6b32-49ca-80ff-638a8e9190d3
.t.co/ Name: __cf_bm
Value: f7KeMeTGz01LPeUAvfJVUkyVzFREFp5hnA6C.vNioH4-1729084525-1.0.1.1-jju7AUcjWAPIrGbGkETIt_IAqOHCgW1GoktJcwdMSuPeuD7xggYpndLmHzNihqwY5DKcgB3clsuzdohAGPLBdg
.horizon3.ai/ Name: _gcl_au
Value: 1.1.710227225.1729084527
.g2crowd.com/ Name: __cf_bm
Value: M.stBGUhP3OBeyMcxlbtZSFDWCiBVYV1G1WbXB8X7ps-1729084526-1.0.1.1-o9RAQEfTvEcrxKeDbwOhXeblQjOdLOSLEm4cv2SSpNX07PGkCPCGtW5.byPRhOrl0Bs6jrPdxUiB8ass5kFyTw
.horizon3.ai/ Name: _ga
Value: GA1.1.563089599.1729084527
.horizon3.ai/ Name: _ga_V462VSRXXS
Value: GS1.1.1729084526.1.0.1729084526.60.0.1949405503
.horizon3.ai/ Name: _rdt_uuid
Value: 1729084526783.910081ec-a1f4-49d8-a6c3-37fab9614f7d
.horizon3.ai/ Name: ajs_user_id
Value: null
.horizon3.ai/ Name: ajs_group_id
Value: null
.horizon3.ai/ Name: ajs_anonymous_id
Value: %22b5fb0191-9891-46e9-8d56-7ff7935e9608%22
.horizon3.ai/ Name: _hjSessionUser_5039807
Value: eyJpZCI6Ijc3NGE5OTM5LWUyYzEtNTZiOC04ZGFkLWU0N2M5MmVhYmMzZCIsImNyZWF0ZWQiOjE3MjkwODQ1MjY5MDcsImV4aXN0aW5nIjp0cnVlfQ==
.linkedin.com/ Name: bcookie
Value: "v=2&52ac7ec9-1e63-4b49-8bf3-3d22fd2c9de1"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjkwODQ1Mjc7MjswMjFtbJ2kRhncMkB6riQnJMVHLpv6RHxsZCPO/G25rHJIyg==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3461:u=1:x=1:i=1729084527:t=1729170927:v=2:sig=AQEpwe7ukFiPSk10ubCE5oSsQ5dbhGUO"
.horizon3.ai/ Name: _hjSession_5039807
Value: eyJpZCI6ImI3N2VmZjliLWUyZjctNDE1Zi04YzEyLWE0Y2Q0ZDlmZTc3YyIsImMiOjE3MjkwODQ1MjY5MTMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.horizon3.ai/ Name: cookielawinfo-checkbox-necessary
Value: yes
www.horizon3.ai/ Name: cookielawinfo-checkbox-functional
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-performance
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-analytics
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-advertisement
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-others
Value: no
.pardot.com/ Name: visitor_id971073
Value: 141062740
.pardot.com/ Name: visitor_id971073-hash
Value: 82454874d8a9360635d18e5c1b9e854bd2d4c4d7091d1f288ebe544f8cc763f405973ac57dc6210f06ecec285c9d5bc0eac0d18a
pi.pardot.com/ Name: lpv971073
Value: aHR0cHM6Ly93d3cuaG9yaXpvbjMuYWkvYXR0YWNrLXJlc2VhcmNoL3BhbG8tYWx0by1leHBlZGl0aW9uLWZyb20tbi1kYXktdG8tZnVsbC1jb21wcm9taXNlLw%3D%3D
www.horizon3.ai/ Name: visitor_id971073
Value: 141062740
www.horizon3.ai/ Name: visitor_id971073-hash
Value: 82454874d8a9360635d18e5c1b9e854bd2d4c4d7091d1f288ebe544f8cc763f405973ac57dc6210f06ecec285c9d5bc0eac0d18a
go.horizon3.ai/ Name: visitor_id971073
Value: 141062740
go.horizon3.ai/ Name: visitor_id971073-hash
Value: 82454874d8a9360635d18e5c1b9e854bd2d4c4d7091d1f288ebe544f8cc763f405973ac57dc6210f06ecec285c9d5bc0eac0d18a
.www.horizon3.ai/ Name: _zitok
Value: 54267c5ba35aab0168301729084529
.zoominfo.com/ Name: __cf_bm
Value: PkPvN1aN_6PE9eWWBPNiUn2Jjnw5bigl3GIMWO3tIsE-1729084529-1.0.1.1-gLnPSLRbqgOBkgig_he0dmjiQA_3RZp3qklSr0UdYTt8UNopwkJYVfVQwIf7Oh.2ldL4771.4G_a56DSqfR8sA
.zoominfo.com/ Name: _cfuvid
Value: uXOxxikQvAikrVo56pJv9qcD2PAqc0JYQpPW4hPIsqI-1729084529741-0.0.1.1-604800000

13 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
aorta.clickagy.com
cdn.dreamdata.cloud
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
content.hotjar.io
fonts.gstatic.com
go.horizon3.ai
hemsync.clickagy.com
insight.adsrvr.org
io.clickguard.com
js.adsrvr.org
js.zi-scripts.com
p7i3u3x3.rocketcdn.me
pi.pardot.com
pixel-config.reddit.com
pulse.clickguard.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.clickagy.com
tracking.g2crowd.com
us-u.openx.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.google.de
www.googletagmanager.com
www.horizon3.ai
www.redditstatic.com
104.16.117.43
104.16.118.43
104.17.25.14
104.18.37.212
104.197.16.226
13.107.42.14
13.33.187.74
142.250.181.227
142.250.186.35
151.101.129.140
151.101.193.140
172.66.0.227
18.172.103.101
18.66.102.11
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2600:9000:211e:e000:4:8491:f2c0:93a1
2606:4700:20::681a:c98
2606:4700:20::681a:d98
2606:4700::6812:1eb0
2620:1ec:21::14
2a00:1450:4001:808::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a9a
2a04:4e42:200::485
2a04:4e42:200::649
2a04:4e42:600::396
3.212.99.33
34.120.220.80
34.237.219.119
34.248.18.191
35.244.159.8
44.216.239.60
52.223.40.198
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
00bd70a9e2b51ce68971a89a29d07b1e06e49a5d1e71c6a44d1a7ccb41828095
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
0abb6b841ec88ed4a6de1540fd8f6cf921147c69a849a617989fab23f53b520c
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
10e5a9648bd0457bae09fdcd63aae1cd6448fc05f3c2aa091cd6ba7c17e162f7
11ad7e73c947b776e52aa20333ad9b2013b502110a9f22838226c15dd4fff639
144285e8182c3c3f25bf4992fbd3bf2e790369b48ad7e65cde3d9a2f9937ad2f
159e251000e49e115bfc34826f374f10a0b48eb8b0c6e1f2677856919e90c02a
1bf8ed7e87bfb6547e0c40b7ab6721c4f39f3fc60bac5ae463f12cd2198b2349
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
21299aa0cfccae6adfc1fdc2d6dfd6895c47f6f8b714b2683df914f9b5b485a3
22a7ae46aefb3325e3e2761085d7b2ea2cda8dc351cf391a62918bb09784f693
22c50ab925b4488b3d254eb9272494f6ea28a5dcbac695cedb812f1fa94e28ed
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
2a68d702f2d1190671d9591ab1623372c776df8e002b1cf9ffc020b29da39d92
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
2f6779772f1d80c2c9afb89bae9b0e94a4974d5c2a6c9d344c82efbb8ac3b057
385825f3c978e51201237611398c837352a7cf4fc8f4dce0badef3871cad2dd4
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
429e6cab64539f15ca1c33984a782a42b43c0f02dba4cc4009f322f89fac9492
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449706de74ec55e3197ad93625d95d369ec29e034847695cbf3b674500d0aaa7
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
48b682b29c100125a4f2214c6b4d9dc4457a46a13cdf8fddb150909c3e8577ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5191fd064a8bd4901db0b5b36504c03da6a6d2e31f269a55d9ac966016cc196b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
55e13c57cc149af08d7bf2725cc8d788814aa4d8a6533d5cf3501af1a67e8687
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
592f7197a0be2403b00faee4497dd6f88a553191138f9c81db3e83b549dadf09
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5caa03f2cf0f0dfcf01c3b7eb5d3e3e9204a67d40987bf6429bf2ce5266f951d
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
66c5889779331f1942f8bf56933acbab2f3c264c7e77f367795a8cb04506e9ff
67e0fb8e2434263af911d5e7fc7c0a61f9faa8c428f114b56236acfea20191f8
6a3b8f0bc82438614757559760af1e72d2bb121b7a178069e9ea17af37ca9727
6af23fd5d68900400e981906d4bf799efb94d589616b846112f9e2684274c692
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6bf44386a20716649e91ceff27bb8824fa56b8d63de6e6502f9a0960ab529c83
6c742dbd1b71338da108a257be31d23bdde0a67b20440548db9ea70660bc7430
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
6ef0799d97f6b9d6b1cb61f5e2962b7778165a99e3fdcdd93e56a7f3514ac659
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
726143045da1bce502842c072048df39d9e49e9a4d0c448fdb13de55b964cea2
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
751a73d9a95700a13e0592a06cfa3680c9a50f8105bcc1332b4ed0b92dc78ca2
79649dc7389e7c9f43ab6f4610fd33b96798f406b71e31680764c072a1dcbcfd
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7b898b6a4c55324c6c8d31fc29867d4ab4d554819b8fd2dbb80960af1323eab7
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
7d3ef1a0879b370d8f13d97d76b995ab0106b3283f9312e329abd724c3aea1cf
7f129d679c333a252660449c1841035b697e85642d5617a7bcbcfabe02e2c069
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
8205d888f22bd7c24358689dc83a660090dc55d45f86ee9a4f521e135b56cc25
85375eab1610513e2743d5ecc157320b210104dbb86b3daa5a174e0ae90c0dae
869d26755acd4c1683b650f96b45263ab89ea0ef5c3866e61345cc61d07b336c
898d53081a3b7835eeaaf8c12d300b8c28b610d61f573056b44c5aad7ea3a76c
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
988524b3eb63f91d1eb9a1dee01f9b3d6186f622e7315a47d31b20aef010bcaf
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
a1fc4d2a1d472a69f0736655a1de5a136b9daad166b23b065c96facb834b3724
a21969523ca47a16ddc6a5582469af4a265aff3eb1504e27a0b9fcc6428afd11
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
a369c6ddffa2a9c9efb1481b58dceec494704c214b9a70a9907da09dd9d83f82
a6fa4fd70eb16b5b84865862f147a578ea153fd33fa414b4f90b23d979dec616
ab99447e2a3d73f045ab7579bb6e734f49abc4e046139c3afb336ecc76754b66
adacf4458aa949a6b32939da6b9d319c147f4ac5e76960ff106a393bbea3b37d
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b17e75595f8c188bffef259c2ae6017a14b232c2f1833010224fc50683243738
b24aa7e74310a0cc0723f431099e76ab2dddbde19a580b3c3da79d88a80e6893
b2749d534580075928305c8fbb8cc0224d2fbd87343438ecef42f0c8b0cdc980
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd36dfbd26f0a08907b7e0ebd088ee1bcba672d77655947144fa6c150afc40e9
bf05a9aab699f4d6b5a8cc679efe50ae7562e9635b1d2a3a5e6fdc31abc54ba1
bfa10318adf08d448ae42a0a02e1f0264f90a39a537f4e1f4fd6cee4b17af1a1
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
c388681430c8e4e4d59313f3c6e965f66d940081e80f0d93239bc53cdc45e2f3
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757
c4e1638e8764c786a6a14eb7e96ebfb8589ac187691b5e0bc9f4fda7c1492ab4
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
c82579181db2e7c0cc170f8cc483383dcdc29177a91abeec4ddd99f5fb067b4a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd6259ec59126338f11a9b28a330a866a58a7f169e6ec4f93622672e5332d016
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f
d3be81811faf161b3a779e65166be4313bd33f08ec7841a2aa9fbc11edafb033
d65fa445e89a329e393e914790b08f0b7cdb441f72fbe5d0fad0f43d92f2efee
d8a0fdac0d87ed5f11db9c0e82067c002e6b246e0229708961c5cca540ad2c53
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
e1b2235641cb8b0030af5cbc534d7c3c8ca99bb8a0ffe6be0f9fb4dd7a0912ff
e28f635eeae21b022303aa4fdb07a9fa4a0fb67402fc99552b1ccd1b48b45212
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01fc7491b03e36f48623cbf87cbe09be93cd1280232a32de0d07ae66ac9dca6
f653c580a161c53dac7b5e8f1c76ba8b03b3683b4ff48e5d0ebd3f7087b44229
f69948dfcbd3dcd9200b96c07e77683d542b716df21afd4a1696c47b2e6462ce
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
f94790aaef69319d75608143a96875a210ec95d7267af50752b725bb6b6a081c
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
fe676b7de732436eef5cc928e6ce2a5a87d51b34155753d343f88746c4bfb891
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196