URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Submission: On October 16 via api from IN — Scanned from DE

Summary

This website contacted 34 IPs in 4 countries across 25 domains to perform 153 HTTP transactions. The main IP is 104.197.16.226, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.horizon3.ai.
TLS certificate: Issued by R10 on September 18th 2024. Valid for: 3 months.
This is the only time www.horizon3.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.horizon3.ai | R10 | 2024-09-18 - 2024-12-17 | 3 months
*.rocketcdn.me | R10 | 2024-08-12 - 2024-11-10 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.google-analytics.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
pi.pardot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-05 - 2025-06-04 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
clickguard.com | WE1 | 2024-09-08 - 2024-12-07 | 3 months
cdn.dreamdata.cloud | WR3 | 2024-08-21 - 2024-11-19 | 3 months
g2crowd.com | WE1 | 2024-08-21 - 2024-11-19 | 3 months
*.gstatic.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-02-07 - 2025-03-08 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-10-14 - 2025-04-14 | 6 months
*.g.doubleclick.net | WR2 | 2024-09-24 - 2024-12-17 | 3 months
*.google.de | WR2 | 2024-09-30 - 2024-12-23 | 3 months
go.horizon3.ai | R10 | 2024-09-01 - 2024-11-30 | 3 months
zi-scripts.com | WE1 | 2024-09-22 - 2024-12-21 | 3 months
zoominfo.com | E5 | 2024-10-12 - 2025-01-10 | 3 months
*.clickagy.com | Amazon ECDSA 256 M02 | 2024-08-22 - 2025-09-20 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year

This page contains 2 frames:

Primary Page: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Frame ID: 02839765E99281DA269DB3FCDC6F020B
Requests: 148 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=nnpwm2i&ref=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&upid=r539y9j&upv=1.1.0&paapi=1
Frame ID: 1C88ECFDCADD4EE04C2FBF1299D4B6A7
Requests: 1 HTTP requests in this frame

Page Title

Palo Alto Expedition: From N-Day to Full Compromise – Horizon3.ai

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

153 Requests
98 % HTTPS
39 % IPv6
25 Domains
34 Subdomains
34 IPs
4 Countries
3035 kB Transfer
7250 kB Size
29 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQLbCHQwjpxjDwAAAZKVd8iWIB5RdUoDAaED9mMfAl6Mu59lBFHhlDDVpnwPF7ZG0sNJRoFL
Request Chain 149
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:6c70bc42dec58f8d2a222a6ea3ee9585

153 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
472 KB
65 KB
Document
General
Full URL
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
47ce6e8fad20c093a88f96f1c0b925dc842d5670f26683f3dcfe4da3491fb76d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 16 Oct 2024 13:15:06 GMT
last-modified
Wed, 09 Oct 2024 12:48:05 GMT
link
<https://www.horizon3.ai/wp-json/>; rel="https://api.w.org/" <https://www.horizon3.ai/wp-json/wp/v2/posts/261986>; rel="alternate"; title="JSON"; type="application/json" <https://www.horizon3.ai/?p=261986>; rel=shortlink
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 10
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-tec-api-origin
https://www.horizon3.ai
x-tec-api-root
https://www.horizon3.ai/wp-json/tribe/events/v1/
x-tec-api-version
v1
x-xss-protection
"1; mode=block"
style.min.css
p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/
110 KB
16 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f69d-1b72b"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:45:33 GMT
content-type
text/css
cdn-cachedat
10/12/2024 17:25:37
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
4a9fdf9fbfae5576dccf5ff275f262b4
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
aiwp-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/
98 B
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190c-62"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/css/aiwp-public.css?ver=2.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
cd6df1d41c0b263dcd88bfe74d56b66f
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
cookie-law-info-public.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-c22"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a537c2e761e91d1098debaa4e7f21055
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
cookie-law-info-gdpr.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-6a71"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a2756f0080eda7372f466cdda51e9830
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
et-divi-dynamic-tb-260934-tb-4381-261986-late.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/
83 KB
10 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
a6fa4fd70eb16b5b84865862f147a578ea153fd33fa414b4f90b23d979dec616
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6c4-14d92"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:46:12 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728575168>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7763af8ed7805472ade1d983d6aabebc
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/
152 KB
13 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
751a73d9a95700a13e0592a06cfa3680c9a50f8105bcc1332b4ed0b92dc78ca2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6629a9db-25f4a"
x-content-type-options
nosniff
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/styles/style.min.css?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9da4eb8203da0e00a4ba2be2f4cbc350
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/
70 KB
11 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
3fa3f0c4c099718595c4e25e55810cca92181c72d6233512fb51c2f74fa55cd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-1196f"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.5>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
140b4d4745d665c4799f474eb7ab2534
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/
80 KB
18 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
e18fe1d33ada37ef55fff1480facdb68824cc4264dd43221382ad8632669e43b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-140f1"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/styles/style.min.css?ver=1.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
42dc0ef1472eee16a2f3b9dda94f77be
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
style.min.css
www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/
86 KB
8 KB
Stylesheet
General
Full URL
https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/styles/style.min.css?ver=1.3.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d65fa445e89a329e393e914790b08f0b7cdb441f72fbe5d0fad0f43d92f2efee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/"6707f658-15859"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 10 Oct 2024 15:44:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
server
nginx
style.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/
422 KB
31 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fe676b7de732436eef5cc928e6ce2a5a87d51b34155753d343f88746c4bfb891
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-699d3"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
e6132aa49138c8a5a4d18ebd094124b1
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
magnific_popup.css
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6b6-1946"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
70532c9c9b54712e1406ac990d1b0a9e
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
swiper.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
c1b94e225b989e86f8b6c589c0778c17ec25d2465f33fd10dc7e2e45f060fa6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-5865"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1de66b2dd1b5c0972e1d4732bfa7a37c
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
popup.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2f1e0ba0f1a9560f8d67fb010c58f8995fa681625c321e18133ccec0043bce47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-1389"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
9f2b101445b49709f2a7e68e9c15b765
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
animate.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
83 KB
6 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-14d7b"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/12/2024 17:25:37
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
01ed933d51b622736d66c57a61392402
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
readmore.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
009e58f3632270c3fa8d127a9e132807a0920ac00512a2a0c5f3e8d5d728d373
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f655-6bd"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
66a6dc9aee17418274c787a17ad64659
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
jquery.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/
86 KB
32 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"64ecd5ef-15601"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
97f76c1a5611c3929db3800655a9440a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
jquery-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6482bd64-3509"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3c59a1fddf8a00e6132c1d8333ebf334
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
aiwp-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/
913 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2053ab9b2531576c619c6136fab9db876c237e61d6e0deaffe2969e52c5d1f67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190c-391"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/aiwp/public/js/aiwp-public.js?ver=2.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
2a1d12b732026bdae82bf42ea7951a0c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
cookie-law-info-public.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/
33 KB
9 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f652-8589"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3e3524064dcfda306770d9c869883005
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/
486 B
1 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.6.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f656-1e6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:22 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.6.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
398f546938a5bb27c3d5992aacc88f6e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
divi-filter-loadmore.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/
8 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
3fecac074476b2081f0fdff03d66d02072029542362e7b6f7265c86c0d29c50b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9db-2147"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/11/2024 11:26:19
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/js/divi-filter-loadmore.min.js?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b14bfbbae7e8eca0378293bf2ace705c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
et-divi-customizer-global.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/
13 KB
5 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1728577874
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
85375eab1610513e2743d5ecc157320b210104dbb86b3daa5a174e0ae90c0dae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"67080152-3382"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 16:31:14 GMT
content-type
text/css
cdn-cachedat
10/15/2024 23:39:16
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1728577874>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
548f82a811b582a2e945be6a4e7fd5c3
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
et-core-unified-tb-260934-tb-4381-deferred-261986.min.css
p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/
79 KB
10 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
79649dc7389e7c9f43ab6f4610fd33b96798f406b71e31680764c072a1dcbcfd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f6d9-13d95"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:46:33 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728575193>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
2
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
6c5f6abb532bb12de88dc6b88b8f7ebc
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/
13 KB
14 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
70631b3ab478a15e8a26f17b8bb991464916725030d772237692c217e0d21334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e1900-3214"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:36 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/Horizon3ai_Logo_Tagline_Horizontal_RGB-WhiteTxt.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
76f94df652916342daf11275bc8c4a16
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12820
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Horizon3ai_Logo_Bug_RGB.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/11/
20 KB
21 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/11/Horizon3ai_Logo_Bug_RGB.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
385825f3c978e51201237611398c837352a7cf4fc8f4dce0badef3871cad2dd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18fc-4f76"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:32 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/11/Horizon3ai_Logo_Bug_RGB.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8edc19eca2b548f4c3d74c53c7766168
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20342
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
isometric-laptop-mockup.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/
470 KB
472 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/06/isometric-laptop-mockup.png
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
0abb6b841ec88ed4a6de1540fd8f6cf921147c69a849a617989fab23f53b520c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66a52cb4-759ba"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/png
last-modified
Sat, 27 Jul 2024 17:21:56 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/06/isometric-laptop-mockup.png>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
635f47b41c5eaf70e57853b694ced31b
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
481722
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Target-Path-Streamline-Ultimate.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/
9 KB
10 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
255d67153c707d1926f571d5e1c7051911138caf15d1dc4bb6759049221566fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"65f085ad-2254"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Tue, 12 Mar 2024 16:41:17 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/03/Target-Path-Streamline-Ultimate.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8dac9c03c63a35e73d1401ca1dea6260
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
8788
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
entra_compromise_2-980x367.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
798b31a18cae3f6010e75b292d5efa21b347cb479c319b0b7344e023f1ed022a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"664bebe8-3bce"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Tue, 21 May 2024 00:33:44 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/05/entra_compromise_2-980x367.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
2f0a10743d602e6bd5306c0fa0f4443b
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15310
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
video-game-sword.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/
470 B
2 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2023/09/video-game-sword.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
0b58d82b60be4aa0041234b625c3f8d60899d17b440587da514346c2d2193421
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18f7-1d6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:27 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2023/09/video-game-sword.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
77b0631e18ca461d9ba40065eb91c816
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
470
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
400x250-Award-2024-Cyber150.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/400x250-Award-2024-Cyber150.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1e00::1079:1, Germany, ASN60068 (CDN77 _, GB)
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
898d53081a3b7835eeaaf8c12d300b8c28b610d61f573056b44c5aad7ea3a76c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43063-3ce2"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 15:46:43 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/400x250-Award-2024-Cyber150.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
77576dcc38db970dac36ade7fdbc0a03
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15586
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
400x250-Award-Ascension2024.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/08/
12 KB
13 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/08/400x250-Award-Ascension2024.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6bf44386a20716649e91ceff27bb8824fa56b8d63de6e6502f9a0960ab529c83
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66b264a9-30e8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Tue, 06 Aug 2024 18:00:09 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/08/400x250-Award-Ascension2024.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
3ca701576f9c0f21cd024d9c446b75e0
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12520
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
400x250-Award-Intellyx-24.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/06/
19 KB
20 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/06/400x250-Award-Intellyx-24.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
8205d888f22bd7c24358689dc83a660090dc55d45f86ee9a4f521e135b56cc25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"665f2237-4c3c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Tue, 04 Jun 2024 14:18:31 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/06/400x250-Award-Intellyx-24.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
52a9108b507a8d038db6c1e53fa2890d
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
19516
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/10/
95 KB
96 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/10/Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
c82579181db2e7c0cc170f8cc483383dcdc29177a91abeec4ddd99f5fb067b4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"6706a0e7-17b68"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 09 Oct 2024 15:27:35 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/10/Screenshot-2024-10-09-at-11.22.32%E2%80%AFAM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
2326d67de117b03ee87f369690d48137
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
97128
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
6 KB
7 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
adacf4458aa949a6b32939da6b9d319c147f4ac5e76960ff106a393bbea3b37d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43cef-1644"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:40:15 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.39.52%E2%80%AFPM-480x200.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d4769f0160ea9b66ffb4419a8090a673
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
5700
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
16 KB
17 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
7d3ef1a0879b370d8f13d97d76b995ab0106b3283f9312e329abd724c3aea1cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43e23-3f92"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:45:23 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.44.57%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
2860ccce1bd34d0eda0f3fa381a01c7f
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
16274
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
13 KB
15 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
ab99447e2a3d73f045ab7579bb6e734f49abc4e046139c3afb336ecc76754b66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f43fbd-353e"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 16:52:13 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-12.51.52%E2%80%AFPM-980x141.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
300758669676ea7b8a84b18c59e11191
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
13630
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
24 KB
25 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
d3be81811faf161b3a779e65166be4313bd33f08ec7841a2aa9fbc11edafb033
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44213-5eea"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:02:11 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.01.29%E2%80%AFPM-768x180.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
eb8cb4dfdb2d0af1491a1202b02fa6a5
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
24298
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
21 KB
22 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
1bf8ed7e87bfb6547e0c40b7ab6721c4f39f3fc60bac5ae463f12cd2198b2349
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44273-5206"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:03:47 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.03.12%E2%80%AFPM-768x158.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
4a599f175a328455194b383ca525b3ed
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20998
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
17 KB
18 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b2749d534580075928305c8fbb8cc0224d2fbd87343438ecef42f0c8b0cdc980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f442db-4292"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:05:31 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.04.49%E2%80%AFPM-768x204.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1cce0bf873407ff70a017196ea68b582
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
17042
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
14 KB
15 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
7f129d679c333a252660449c1841035b697e85642d5617a7bcbcfabe02e2c069
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4432a-3716"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:06:50 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.06.18%E2%80%AFPM-768x201.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7df21482e527ad9a810086b41349dc3b
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
14102
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
18 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
726143045da1bce502842c072048df39d9e49e9a4d0c448fdb13de55b964cea2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44363-4658"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:07:47 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.07.28%E2%80%AFPM-980x174.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
b84d04e2194ed23ec076713ffcd5a38e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
18008
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
29 KB
31 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
159e251000e49e115bfc34826f374f10a0b48eb8b0c6e1f2677856919e90c02a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f443bb-75ca"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:09:15 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.08.38%E2%80%AFPM-768x361.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
340af29a1bef7433b5fd09cc2278f9f9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
30154
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
12 KB
14 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
c4e1638e8764c786a6a14eb7e96ebfb8589ac187691b5e0bc9f4fda7c1492ab4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4440c-313c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:10:36 GMT
cdn-cachedat
10/12/2024 18:25:56
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.10.07%E2%80%AFPM-980x58.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a63c38ec26343cf7e425ab1fa4600153
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
12604
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
9 KB
10 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
449706de74ec55e3197ad93625d95d369ec29e034847695cbf3b674500d0aaa7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44463-2280"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:12:03 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.11.39%E2%80%AFPM-768x98.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
93f95f651d3b8ed570079e2254767c53
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
8832
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
14 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
f69948dfcbd3dcd9200b96c07e77683d542b716df21afd4a1696c47b2e6462ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f44589-3912"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.16.29%E2%80%AFPM-768x99.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c04e0cc42251fbc5a06650d026447a72
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
14610
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
22 KB
23 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
bfa10318adf08d448ae42a0a02e1f0264f90a39a537f4e1f4fd6cee4b17af1a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f445f9-57e6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 17:18:49 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-1.18.21%E2%80%AFPM-980x203.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
cb9d7799ec6e1c2bc56c8e5d685b866e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
22502
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
18 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6a3b8f0bc82438614757559760af1e72d2bb121b7a178069e9ea17af37ca9727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f46f77-4654"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:15:51 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.13.46%E2%80%AFPM-768x199.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
df959c226057c3d92ae929486e0ae197
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
18004
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
24 KB
25 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
55e13c57cc149af08d7bf2725cc8d788814aa4d8a6533d5cf3501af1a67e8687
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4727a-6006"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:28:42 GMT
cdn-cachedat
10/12/2024 10:53:11
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.27.37%E2%80%AFPM-768x246.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
15cc94e7df890b33d818fa26c4ce3fc5
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
24582
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
29 KB
31 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
bf05a9aab699f4d6b5a8cc679efe50ae7562e9635b1d2a3a5e6fdc31abc54ba1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b262-74e8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:13:38 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.13.07%E2%80%AFPM-768x322.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
866625a028d6a0e450fb3201bc1024e6
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
29928
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
58 KB
59 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
5caa03f2cf0f0dfcf01c3b7eb5d3e3e9204a67d40987bf6429bf2ce5266f951d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b2bf-e7bc"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:15:11 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.14.29%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c221086e07f79ace75514f6cc556f110
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
59324
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
31 KB
32 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b17e75595f8c188bffef259c2ae6017a14b232c2f1833010224fc50683243738
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b329-7afa"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.15.58%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ebe412d4691639c56e8571580643bb08
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
31482
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
36 KB
38 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
f94790aaef69319d75608143a96875a210ec95d7267af50752b725bb6b6a081c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b382-9180"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:18:26 GMT
cdn-cachedat
10/12/2024 10:53:11
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.17.38%E2%80%AFPM-768x403.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
89e77745584f2f9e77895ae01d97ae39
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
37248
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
19 KB
20 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
f01fc7491b03e36f48623cbf87cbe09be93cd1280232a32de0d07ae66ac9dca6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b3ee-4af4"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:20:14 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.19.58%E2%80%AFPM-480x449.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
e28c10ae6792eebb63c9a9fee6ed033f
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
19188
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
28 KB
29 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
f653c580a161c53dac7b5e8f1c76ba8b03b3683b4ff48e5d0ebd3f7087b44229
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b486-70c0"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:22:46 GMT
cdn-cachedat
10/10/2024 17:44:02
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.21.38%E2%80%AFPM.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0fade1b3911ce853dd12fa84e7f9300a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
28864
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
38 KB
39 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6ef0799d97f6b9d6b1cb61f5e2962b7778165a99e3fdcdd93e56a7f3514ac659
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5b4d2-9720"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 19:24:02 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-3.23.12%E2%80%AFPM-768x394.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7e2d44354a59a459a44f046934df22bb
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
38688
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
17 KB
19 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
cd6259ec59126338f11a9b28a330a866a58a7f169e6ec4f93622672e5332d016
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f5714b-44f8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 14:35:55 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-10.32.23%E2%80%AFAM-768x68.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
cfae40a875e2f372d20a46af7a7c8d77
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
17656
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
15 KB
16 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2a68d702f2d1190671d9591ab1623372c776df8e002b1cf9ffc020b29da39d92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f4757a-3b3c"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:41:30 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-25-at-4.38.28%E2%80%AFPM-768x408.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
84362eb528e78b116d55067e3d2a0c7c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
15164
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/
20 KB
21 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
7b898b6a4c55324c6c8d31fc29867d4ab4d554819b8fd2dbb80960af1323eab7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"66f588f9-50b6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 16:16:57 GMT
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2024/09/Screenshot-2024-09-26-at-12.15.14%E2%80%AFPM-980x350.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
029de212c02a281cbbb9f20d20f20e77
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
20662
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
streamlinehq-cog-approved-interface-essential-100.png.webp
p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/
1 KB
3 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
744e2c69f12052b2251ea97566999dfd68e9529558cc6d647f9deef86152f0c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
etag
"651e18fd-5b6"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/webp
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
cdn-cachedat
10/14/2024 18:27:01
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://www.horizon3.ai/wp-content/uploads/2022/10/streamlinehq-cog-approved-interface-essential-100.png.webp>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
bae927e1006663e5c28d9f6a0fad2995
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
1462
vary
Accept-Encoding
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
logo-cookieyes.svg
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/
3 KB
2 KB
Image
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f652-a15"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/11/2024 10:20:45
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
391922e00bd9fd7fea5a41f6745ada39
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
mediaelementplayer-legacy.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
11 KB
4 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"5f735862-2bf8"
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
content-type
text/css
cdn-cachedat
10/11/2024 10:16:35
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
2
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c7cc0bcb82849491bfda0e57addf4ce9
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
wp-mediaelement.min.css
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
4 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"5cfaccce-105a"
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
bad5209831ea01db979ee51965bd4a50
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
bootstrap.min.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
5617c251ed51f42797b789d282460813a798d8402a95cd633d3d8f0e82d44819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"651e190b-35dd"
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/assets/css/bootstrap.min.css?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
04d4b928d84e6e7dda9f56d8ced743a7
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/
8 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
age
25742
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1754
x-jsd-version
3.1.0
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/hot-sneaks/
36 KB
9 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.13.2/themes/hot-sneaks/jquery-ui.css?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f9f44351d8cb1c857cc8d29a64c97dd4efc0659fc90bd160a42ea0d715ead79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
etag
W/"28feccc0-8fc4"
age
3653685
x-cache
HIT, HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
text/css
vary
Accept-Encoding
x-cache-hits
7875, 5
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21942-LGA, cache-fra-eddf8230061-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729084507.420175,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
8576
server
nginx
cookie-law-info-table.css
p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"6707f652-17e1"
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2024 15:44:18 GMT
content-type
text/css
cdn-cachedat
10/10/2024 15:46:50
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:07 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.6>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
845573df143cc4c8c9545918bfdc46b1
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
scripts.min.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/
268 KB
61 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6af23fd5d68900400e981906d4bf799efb94d589616b846112f9e2684274c692
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-42f9f"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8708ec04ec0ef2a498250c4ef996c535
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
jquery.fitvids.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-d15"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
0770e48ba1c2c47bf4bf3a4754ead8aa
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
comment-reply.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/comment-reply.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"625095f6-ba5"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/comment-reply.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
128cf0a6ad4d92943359ef59252f957c
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
jquery.mobile.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
8 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-1f18"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
dae549611a5e8e8d59f53d7c37f96362
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
22 KB
10 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
22a7ae46aefb3325e3e2761085d7b2ea2cda8dc351cf391a62918bb09784f693
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-5700"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
5706169a25d6ea4677b34c693eb29932
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
easypiechart.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
9 KB
4 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-2466"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
c5cd6dacebca9d61d9c42ac0dd4df7e1
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
salvattore.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
8 KB
5 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-217e"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ecd20ce2fdf578799c381b3f402c1218
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/
699 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
05c86a01cec19a9f9931163c42515adaab424be687667ef09f7d9b3cd0765cb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9db-2bb"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 25 Apr 2024 00:54:51 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-ajax-filter/scripts/frontend-bundle.min.js?ver=3.1.7.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
7e644b1452dbef650b7879415d870ca9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/
35 KB
8 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fc28654bf4d567cdbc91b5089345699eb8fff900d723b6dc635631eb0cb26fe5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190c-8dee"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 05 Oct 2023 02:01:48 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.5>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
1daedfbcc9e7f636bddce3dc92604f92
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/
733 B
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
74ca4b4a7f9ee76d71e312306ea01f5d0661796d4caa0a2170058d2a27ed328d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"651e190b-2dd"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 05 Oct 2023 02:01:47 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-event-calendar-module/scripts/frontend-bundle.min.js?ver=1.0.0>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
93fab95652a8bc652fcf2e87bf6b7b79
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
new-tab.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/
34 KB
14 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6629a9e1-8687"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 25 Apr 2024 00:54:57 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/12/2024 20:57:08
link
<https://www.horizon3.ai/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8f3ceea41df30589a166473f05e39d80
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
common.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-53f"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f78b29c0a7aca3684ed8f712c30217b7
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
script.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/script.js?ver=1.4.4
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
a1fc4d2a1d472a69f0736655a1de5a136b9daad166b23b065c96facb834b3724
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"66673745-4f8"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Mon, 10 Jun 2024 17:26:29 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/divi-module-code-snippet/features/DBCSCopyToClipboardFeature/script.js?ver=1.4.4>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
d8044777030102c496486be49eecf064
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
mediaelement-and-player.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
154 KB
39 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6335a9d7-26935"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 29 Sep 2022 14:21:11 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
a8f7b89a216291a409bb23c1c2854cdc
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
mediaelement-migrate.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"625095f6-4a7"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/15/2024 23:39:17
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
511ba308e753d58410ae08f98863983a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
wp-mediaelement.min.js
p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/
1 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"63e275aa-453"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Tue, 07 Feb 2023 16:00:42 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.6.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
5bca4c830b65e146444553c431a35677
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1082
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
10e5a9648bd0457bae09fdcd63aae1cd6448fc05f3c2aa091cd6ba7c17e162f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-cc2"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/AdvancedTabs/frontend.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
42819fb4ba11fad4da7fea56cac87952
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
jquery.magnific-popup.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/
21 KB
9 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/jquery.magnific-popup.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
00bd70a9e2b51ce68971a89a29d07b1e06e49a5d1e71c6a44d1a7ccb41828095
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-5251"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/jquery.magnific-popup.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
296e4e37e337f0f202711ca7faec6fe4
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
swiper-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/
142 KB
40 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
568c3ba372e075ecceb821409f5d45be311c896c3c784910eb5f2f20e5c90670
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-239c1"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/public/js/swiper-bundle.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
f8e1791358709c4ae713848d712dd30f
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
frontend.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/
3 KB
2 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97.19
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
a314e4c39a406b80af166f001cb0400257b1301f3f96d7d670e9feadaeae07ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f655-a85"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/14/2024 18:27:01
link
<https://www.horizon3.ai/wp-content/plugins/supreme-modules-pro-for-divi/includes/modules/BlogCarousel/frontend.min.js?ver=4.9.97.19>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
41cebda56273a7203405c0a14961efc9
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1080
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"62c614dc-41c5"
age
505919
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWTa2v%2Bep88Lu06xH2EbLUgsd8wzgTdu43Pe7%2FtxsYvVlJHhm1u%2BbB6N0h9YHi6f7PnUGAv%2FtVY7RVCUWJXhj0nr0QGrm%2Fpm6x%2Bz2WAc0cyUZCRErKwzQetNtGu06t09dUhnxRMt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 13:15:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d3850dbabac4d4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16837
server
cloudflare
daterangepicker.min.js
cdn.jsdelivr.net/npm/daterangepicker/
32 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
age
10850
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
7106
x-jsd-version
3.1.0
jquery-ui.js
code.jquery.com/ui/1.13.2/
517 KB
124 KB
Script
General
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
gzip
etag
W/"28feccc0-81307"
age
3507347
x-cache
HIT, HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
60, 91082
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21926-LGA, cache-fra-eddf8230061-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729084507.451639,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
126267
server
nginx
loadFilter.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/
44 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/loadFilter.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0a9a22da3f67f5e35770bedef0e2ec034eddd871243a6b80d09b285372d1863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"b08f-hyuFhPhDAFE5gn7UWPXhS1S5p0w"
age
21990
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6186
x-jsd-version
2.7.6
loadmore.js
cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/
31 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/peeayecreative/dec-cdn@2.7.6/js/EventFeed/loadmore.js?ver=6.6.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0907683649854f8c34c1c89b06ac8256e5414e1c2db6019fa0c0f347e9e240e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7b9e-g8xMzqvVKM5J7uC4u0KIn/Wvuw4"
age
34631
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4509
x-jsd-version
2.7.6
frontend-bundle.min.js
p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/
8 KB
3 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.3.3
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
6c742dbd1b71338da108a257be31d23bdde0a67b20440548db9ea70660bc7430
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f658-2075"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:44:24 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/plugins/supreme-mega-menu/scripts/frontend-bundle.min.js?ver=1.3.3>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
09cdf4d9314fa577a06b5c64ed738823
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
motion-effects.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
154 KB
39 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
21299aa0cfccae6adfc1fdc2d6dfd6895c47f6f8b714b2683df914f9b5b485a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-26902"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/10/2024 15:46:50
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
ba738c9c4071b506b0d0b1b4029cdf6e
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1081
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
sticky-elements.js
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
204 KB
57 KB
Script
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.27.2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
b24aa7e74310a0cc0723f431099e76ab2dddbde19a580b3c3da79d88a80e6893
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6707f6b6-330a1"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-frame-options
SAMEORIGIN
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
10/14/2024 13:26:44
link
<https://www.horizon3.ai/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=4.27.2>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
047396322e1c895c1d39e380f6e7558a
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
hotjar-5039807.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-5039807.js?sv=6
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
c388681430c8e4e4d59313f3c6e965f66d940081e80f0d93239bc53cdc45e2f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/223dbd2aeb2f7b9289042ebb7ed952ef
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
dCvWgNjQZgN1IUZHSZ-WLwd1fcj4X0LJJLHcXxpxYVoMpmn9pFR5pw==
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
gtm.js
www.googletagmanager.com/
295 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8e51e1d5868192f9195f91c845da451872e15337f69b8e5b111da1c7ba0eee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 16 Oct 2024 13:15:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103432
x-xss-protection
0
server
Google Tag Manager
et-divi-dynamic-tb-260934-tb-4381-261986-late.css
www.horizon3.ai/wp-content/et-cache/261986/
201 KB
20 KB
Stylesheet
General
Full URL
https://www.horizon3.ai/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
144285e8182c3c3f25bf4992fbd3bf2e790369b48ad7e65cde3d9a2f9937ad2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
etag
W/"6708187b-32497"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 10 Oct 2024 18:10:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
x-xss-protection
"1; mode=block"
server
nginx
modules.02161fb4f8ebb73fb3f8.js
script.hotjar.com/
225 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5039807.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-19.fra60.r.cloudfront.net
Software
/
Resource Hash
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-robots-tag
none
content-encoding
br
etag
"dec0c1b6789c165b6cb6404022b9d8ab"
age
191341
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
BhPaTIaJb-o40LXkXfjzlutkXKfKQZeFeYmSQlx8rlyMn6M3kaFOUQ==
date
Mon, 14 Oct 2024 08:06:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 14 Oct 2024 08:05:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56680
x-amz-cf-pop
FRA60-P9
js
www.googletagmanager.com/gtag/
344 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09b0a4d508c86b60e314de8b5620377cb6ac89cacea27baa787eafd3d367b7ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 16 Oct 2024 13:15:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112555
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
276 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10792903506&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05ae27ac28d3b7600cbc5129128d295df6e066069ce525554f14921b2af07c27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 16 Oct 2024 13:15:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 16 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96799
x-xss-protection
0
server
Google Tag Manager
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=63072000
content-encoding
gzip
etag
"15f4-gzip"
Connection
keep-alive
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
expires
Fri, 16 Oct 2026 13:15:08 GMT
accept-ranges
bytes
Content-Length
1988
Date
Wed, 16 Oct 2024 13:15:08 GMT
Content-Type
application/javascript
last-modified
Tue, 15 Oct 2024 17:17:28 GMT
vary
Accept-Encoding,User-Agent
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=64033
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 16 Oct 2024 13:15:07 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
PLwGhTJP
io.clickguard.com/s/cHJvdGVjdG9y/
8 KB
3 KB
Script
General
Full URL
https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXGBH9M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5cd9492e65ec7b99b6946ea2455f2cac1709c3ba552aa76d45f9c4f31b612409

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
CF-Cache-Status
DYNAMIC
etag
W/"1eaf-M97I9iy4ftHKJtUVCdptJ9STYKQ"
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ix1cQuOJ2Vr8i%2BZzSXA7L3N8EJqFOcer4mFuER8C6fRBE%2Fmcl1QGtg6%2FtOnn%2F6ONjBdN04RSExuwtOH93zWgf7UjWBO5Mr6xr%2BE3DkSJEFIWJ8%2FV9vLW%2B7bJxhckdYuEHkYKm7HZCON4UrP89WLu"}],"group":"cf-nel","max_age":604800}
via
1.1 google
CF-RAY
8d3850de4f23dbdc-FRA
access-control-allow-origin
*
Date
Wed, 16 Oct 2024 13:15:08 GMT
Content-Type
application/javascript; charset=utf-8
x-powered-by
Express
Server
cloudflare
dreamdata.min.js
cdn.dreamdata.cloud/scripts/analytics/v1/
127 KB
39 KB
Script
General
Full URL
https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8e78bcb85c5e969c9fbd74ade48ae59d1e8c94bc928b61947bab57c5f8576a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=9JeVgg==, md5=WgwkKCkgGoD0mNSVnYPr/A==
etag
"5a0c242829201a80f498d4959d83ebfc"
age
743
x-goog-stored-content-encoding
gzip
expires
Wed, 16 Oct 2024 13:32:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39064
date
Wed, 16 Oct 2024 13:02:44 GMT
last-modified
Tue, 19 Dec 2023 15:12:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3GTe2K5vY9dyWBQNvBeAsH4KQDtVQ-vWRagk9vxvFUjp277e5VApZ2xwrh6FsQ7HEZQgm3Ra2sEA
strict-transport-security
max-age=63072000;includeSubdomains
cache-control
public,max-age=1800
x-goog-storage-class
STANDARD
referrer-policy
origin
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1702998729480704
content-length
39064
server
UploadServer
identify-form.min.js
cdn.dreamdata.cloud/scripts/identify-form/v1/
20 KB
5 KB
Script
General
Full URL
https://cdn.dreamdata.cloud/scripts/identify-form/v1/identify-form.min.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
66c5889779331f1942f8bf56933acbab2f3c264c7e77f367795a8cb04506e9ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=5dIwaw==, md5=impdbDppdNC8N+U3EJYhRg==
etag
"8a6a5d6c3a6974d0bc37e53710962146"
age
877
x-goog-stored-content-encoding
gzip
expires
Wed, 16 Oct 2024 13:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4325
date
Wed, 16 Oct 2024 13:00:30 GMT
last-modified
Fri, 12 Apr 2024 10:25:35 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1xNZPAst9i-O4w45T9qsrP4A4O5hB1A5ej4Iz5oqjucFxLqCUEaH2biquCT7k1GYfJuA3TU3vivQ
strict-transport-security
max-age=63072000;includeSubdomains
cache-control
public, max-age=1800
x-goog-storage-class
STANDARD
referrer-policy
origin
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712917535471168
content-length
4325
server
UploadServer
1018520.js
tracking.g2crowd.com/attribution_tracking/conversions/
2 KB
2 KB
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1018520.js?p=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&e=
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592f7197a0be2403b00faee4497dd6f88a553191138f9c81db3e83b549dadf09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

content-encoding
br
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
text/javascript;charset=UTF-8
content-disposition
inline
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8d3850de49c6dca1-FRA
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
Red-Team-Blog-BG.jpg
www.horizon3.ai/wp-content/uploads/2022/10/
51 KB
52 KB
Image
General
Full URL
https://www.horizon3.ai/wp-content/uploads/2022/10/Red-Team-Blog-BG.jpg
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6555189a58cede3f19c2269dfa21e1e86734f122f0e190bfaaee35895dcbd9fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-core-unified-tb-260934-tb-4381-deferred-261986.min.css?ver=1728577881

Response headers

etag
"651e18fd-cdcc"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
image/jpeg
last-modified
Thu, 05 Oct 2023 02:01:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
52684
x-xss-protection
"1; mode=block"
server
nginx
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
8189eb6330e9f0b62e4fe2be8bbad8129ebf1db97e390c2386e0b5a2880aa403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
66589
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 18:45:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 18:45:18 GMT
last-modified
Thu, 29 Jun 2023 16:13:30 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25500
x-xss-protection
0
server
sffe
modules.woff
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/
10 KB
11 KB
Font
General
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4d9b5f545245d9781d491989a77089f380de3a58898ea70116cc59f61257e92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803

Response headers

etag
"6707f6b6-2850"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
font/woff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
10320
x-xss-protection
"1; mode=block"
server
nginx
fa-solid-900.woff2
www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/
78 KB
79 KB
Font
General
Full URL
https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://p7i3u3x3.rocketcdn.me/wp-content/et-cache/261986/et-divi-dynamic-tb-260934-tb-4381-261986-late.css?ver=1728583803

Response headers

etag
"6707f6b6-139ac"
x-content-type-options
nosniff
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
font/woff2
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
referrer-policy
no-referrer-when-downgrade
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
80300
x-xss-protection
"1; mode=block"
server
nginx
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
46ed19e2d021296a35c1632b877c5fff1aa3c3eaec27d49d892e94545b792b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
141137
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 22:02:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 22:02:50 GMT
last-modified
Thu, 29 Jun 2023 16:17:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25656
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
fbf0d9704506b1ad0def13dc96bf24602d807afe597a754ae59fe1d2c0efcec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
34411
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:41:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:41:36 GMT
last-modified
Thu, 29 Jun 2023 16:18:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25320
x-xss-protection
0
server
sffe
5039807
vc.hotjar.io/sessions/
0
231 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/5039807?s=0.25&r=0.09621228096761114
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
tVenfu5-b-iEqP__7BSFE_2P8xP6drwcy-o3hJK889I_Gp0xseg0bQ==
date
Wed, 16 Oct 2024 13:15:07 GMT
x-amz-cf-pop
FRA56-P5
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
fonts.gstatic.com/s/rubik/v28/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFWUU1.woff2
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
9b305496a376155dbf4b51c26fc3d4ebca6083945fc20aa60c47817836f86366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
33473
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:57:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:57:14 GMT
last-modified
Thu, 29 Jun 2023 16:13:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23316
x-xss-protection
0
server
sffe
modules.woff
p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/
90 KB
91 KB
Font
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"6707f6b6-167b4"
x-content-type-options
nosniff
content-type
font/woff
last-modified
Thu, 10 Oct 2024 15:45:58 GMT
cdn-cachedat
10/10/2024 15:46:51
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
1682947
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.04
accept-ranges
bytes
content-length
92084
x-xss-protection
"1; mode=block"
cdn-edgestorageid
1079
x-powered-by
RocketCDN - b
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
date
Wed, 16 Oct 2024 13:15:08 GMT
vary
Accept-Encoding
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
link
<https://www.horizon3.ai/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff>; rel="canonical"
content-security-policy
upgrade-insecure-requests
cdn-requesttime
0
cdn-uid
9c62a85e-aade-42a0-9ab7-0e0ad624743f
cdn-requestid
8c708db38d4b11698e3b96edca3f7de2
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), layout-animations=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), oversized-images=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), vertical-scroll=(), vr=(), wake-lock=(), web-share=(), xr-spatial-tracking=()
access-control-allow-origin
*
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUz.woff
fonts.gstatic.com/s/rubik/v28/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
bd36dfbd26f0a08907b7e0ebd088ee1bcba672d77655947144fa6c150afc40e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
104362
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 08:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:15:46 GMT
last-modified
Thu, 29 Jun 2023 16:18:08 GMT
content-type
font/woff
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32444
x-xss-protection
0
server
sffe
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
fonts.gstatic.com/s/rubik/v28/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUz.woff
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
7d1b0d7af8eb5e8dafc681f282db58efb53d808ac1701694fe3420992ed58d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.horizon3.ai
Referer
https://www.horizon3.ai/

Response headers

age
33755
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:52:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:52:33 GMT
last-modified
Thu, 29 Jun 2023 16:13:31 GMT
content-type
font/woff
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32848
x-xss-protection
0
server
sffe
config
pixel-config.reddit.com/pixels/t2_rwb6eefi/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_rwb6eefi/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Wed, 16 Oct 2024 13:15:08 GMT
content-type
application/json
t2_rwb6eefi_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_rwb6eefi_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
97
date
Wed, 16 Oct 2024 13:15:08 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1729084508201&id=t2_rwb6eefi&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=336de8cb-093c-4896-81ab-faaa7140b1b3&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Wed, 16 Oct 2024 13:15:08 GMT
content-type
image/gif
server
Varnish
attribution_trigger
px.ads.linkedin.com/
2 B
812 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
00062497dbe748284271490bde8135cf
x-msedge-ref
Ref A: B4B6AF7DA85547CABC66A49954561474 Ref B: FRAEDGE1317 Ref C: 2024-10-16T13:15:08Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYkl9vnSChCcUkL3oE1zw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQL...
0
481 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQLbCHQwjpxjDwAAAZKVd8iWIB5RdUoDAaED9mMfAl6Mu59lBFHhlDDVpnwPF7ZG0sNJRoFL
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 4447C3CC36864CE9A7B029F9C82D3AE1 Ref B: FRAEDGE1513 Ref C: 2024-10-16T13:15:08Z
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYkl9vplCQcFEewaGRkWA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 16 Oct 2024 13:15:07 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3527860&time=1729084508204&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&e_ipv6=AQLbCHQwjpxjDwAAAZKVd8iWIB5RdUoDAaED9mMfAl6Mu59lBFHhlDDVpnwPF7ZG0sNJRoFL
x-msedge-ref
Ref A: D8DDACF9AC8548428458EA4FD66C32A2 Ref B: FRAEDGE1407 Ref C: 2024-10-16T13:15:08Z
x-li-fabric
prod-lva1
x-li-uuid
AAYkl9vnSSp9a7FteV0EZA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 16 Oct 2024 13:15:08 GMT
assign
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Ping
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1018520.js?p=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryh0ZwzJvdd8ub5vJ6
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

p
cdn.dreamdata.cloud/api/v1/
16 B
33 B
XHR
General
Full URL
https://cdn.dreamdata.cloud/api/v1/p
Requested by
Host: cdn.dreamdata.cloud
URL: https://cdn.dreamdata.cloud/scripts/analytics/v1/dreamdata.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.220.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.220.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

strict-transport-security
max-age=63072000;includeSubdomains
referrer-policy
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Wed, 16 Oct 2024 13:15:08 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
d03ab2b118e617093e4889e908ed6d46
server
Google Frontend
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V462VSRXXS&gtm=45je4ae0v889089095z8852319646za200zb852319646&_p=1729084507432&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=139852431.1729084508&ecid=289604410&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729084508&sct=1&seg=0&dl=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&dt=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1679
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.horizon3.ai
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:15:08 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
554 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V462VSRXXS&cid=139852431.1729084508&gtm=45je4ae0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V462VSRXXS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V462VSRXXS&cid=139852431.1729084508&gtm=45je4ae0v889089095z8852319646za200zb852319646&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=1108031414
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/
67 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
869d26755acd4c1683b650f96b45263ab89ea0ef5c3866e61345cc61d07b336c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
fonts.gstatic.com/s/rubik/v28/
68 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFWUUw.ttf
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
977b03a17e6c623ab63583f72b1639b1ad6aef1ae044993c66b4c8328e571272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
/
Resource Hash
0d1f7644ab55d6f98d758bf173c16accb9c8ff2bc86cc8edf914ffc5a9514cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/
0
602 B
XHR
General
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Requested by
Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

PLwGhTJP
pulse.clickguard.com/r/cHJvdGVjdG9y/ Frame
0
0
Preflight
General
Full URL
https://pulse.clickguard.com/r/cHJvdGVjdG9y/PLwGhTJP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

/
px.ads.linkedin.com/wa/
0
409 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

analytics
go.horizon3.ai/
50 B
1020 B
Script
General
Full URL
https://go.horizon3.ai/analytics?conly=true&visitor_id=141062671&visitor_id_sign=2e872bab673655f01b235f7b1689d301c966a4ebc1d965d669d08282d0c5e86a1c34af0245c649d83b82133edfb28d0ef44b390d&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition:%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=17120&account_id=972073&title=Palo%20Alto%20Expedition%3A%20From%20N-Day%20to%20Full%20Compromise%20%E2%80%93%20Horizon3.ai&url=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

zi-tag.js
js.zi-scripts.com/
9 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.horizon3.ai
URL: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

admin-ajax.php
www.horizon3.ai/wp-admin/
5 KB
2 KB
XHR
General
Full URL
https://www.horizon3.ai/wp-admin/admin-ajax.php
Requested by
Host: p7i3u3x3.rocketcdn.me
URL: https://p7i3u3x3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.16.226 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.16.197.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e1b2235641cb8b0030af5cbc534d7c3c8ca99bb8a0ffe6be0f9fb4dd7a0912ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

cropped-favicon-32x32.png
p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/
2 KB
3 KB
Other
General
Full URL
https://p7i3u3x3.rocketcdn.me/wp-content/uploads/2021/06/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 / RocketCDN - b
Resource Hash
f80d87f46f45bb648d45a1de343befaf9eefa5604cdde3f5a53d95d3d6a900f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

getSubscriptions
js.zi-scripts.com/unified/v1/master/
203 B
599 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
52d0940a9fa67895069016345a8fcb605b37427bfff4de1b291206da54e17ce3

getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

/
ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

formcomplete.js
ws-assets.zoominfo.com/
90 KB
27 KB
Script
General
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

/
ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/
5 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/61eaf806342d59001e8ed916/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba4850a04e842ac69c08e783f761740cb099c0df2a5b7fcffdf0d85e7945dd4b
Security Headers
Name Value
X-Content-Type-Options nosniff

forms
ws.zoominfo.com/formcomplete-v2/
2 B
399 B
Fetch
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

forms
ws.zoominfo.com/formcomplete-v2/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

93151b25-23a1-46ff-bd1f-40f485e48055
https://www.horizon3.ai/
5 KB
0
Script
General
Full URL
blob:https://www.horizon3.ai/93151b25-23a1-46ff-bd1f-40f485e48055
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba4850a04e842ac69c08e783f761740cb099c0df2a5b7fcffdf0d85e7945dd4b

data.js
tags.clickagy.com/
36 KB
13 KB
Script
General
Full URL
https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by
Host: www.horizon3.ai
URL: blob:https://www.horizon3.ai/93151b25-23a1-46ff-bd1f-40f485e48055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6600:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
429e6cab64539f15ca1c33984a782a42b43c0f02dba4cc4009f322f89fac9492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

up_loader.1.1.0.js
js.adsrvr.org/
51 KB
13 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.horizon3.ai
URL: blob:https://www.horizon3.ai/93151b25-23a1-46ff-bd1f-40f485e48055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f

data
aorta.clickagy.com/
57 B
506 B
XHR
General
Full URL
https://aorta.clickagy.com/data
Requested by
Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.29.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-29-133.compute-1.amazonaws.com
Software
Aorta/20241010.2abbd14b2 /
Resource Hash
7bac54219d7b85a57ebf11638c1403f47d6d78e215163a2fe53af7bc0e54862d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
expect
0
content-encoding
gzip
access-control-allow-credentials
true
x-aorta-region
us-east-1
access-control-allow-methods
POST, GET, OPTIONS
x-aorta-host
d4daa9e320e2
access-control-allow-origin
https://www.horizon3.ai
content-length
82
date
Wed, 16 Oct 2024 13:15:11 GMT
content-type
application/json
server
Aorta/20241010.2abbd14b2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
420246.gif
idsync.rlcdn.com/
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:6c70bc42dec58f8d2a222a6ea3ee9585
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/420246.gif?partner_uid=c:6c70bc42dec58f8d2a222a6ea3ee9585
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 16 Oct 2024 13:15:11 GMT

Redirect headers

access-control-max-age
31536000
access-control-expose-headers
Set-Cookie
location
https://idsync.rlcdn.com/420246.gif?partner_uid=c:6c70bc42dec58f8d2a222a6ea3ee9585
expect
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
access-control-allow-methods
POST, GET, OPTIONS
x-aorta-host
e581994a5ab2
access-control-allow-origin
*
content-length
0
date
Wed, 16 Oct 2024 13:15:11 GMT
content-type
application/json
server
Aorta/20241010.2abbd14b2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
up
insight.adsrvr.org/track/ Frame 1C88
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=nnpwm2i&ref=https%3A%2F%2Fwww.horizon3.ai%2Fattack-research%2Fpalo-alto-expedition-from-n-day-to-full-compromise%2F&upid=r539y9j&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Wed, 16 Oct 2024 13:15:11 GMT
server
Kestrel
hasHashes
hemsync.clickagy.com/external/
2 B
326 B
XHR
General
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by
Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.210.70.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-70-5.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Response headers

access-control-expose-headers
content-length, last-modified, expires, content-type
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://www.horizon3.ai
content-length
28
date
Wed, 16 Oct 2024 13:15:11 GMT
content-type
text/plain; charset=utf-8
vary
origin

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERENCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE object| loadmore_ajax_object function| hj object| _hjSettings object| elm object| dataLayer function| sixteenNine object| zi string| ZIProjectKey object| et_animation_data object| tribe_l10n_datatables function| getParam function| getExpiryRecord function| addGclid function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars object| salvattore object| addComment object| DiviBlogExtrasFrontendData object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| 
MediaElementPlayer object| _wpmejsSettings object| wp function| Swiper function| moment function| daterangepicker object| eventFeeddecm_event_display_0_tb_header object| et_pb_motion_elements object| google_tag_manager object| google_tag_data object| et_pb_sticky_elements object| ET_Builder object| ET_FE object| ET_FB function| rdt string| piAId string| piCId string| piHostname string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| iframeSelector string| gaEventName object| analytics object| __DD_TEMP_ANALYTICS__ object| script function| updateUrlWithUid function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init string| currentText string| categoryCookie object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms function| et_pb_slider_init function| et_pb_image_lightbox_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_init function| et_pb_reinit_circle_counters function| et_pb_circle_counter_update function| et_pb_reinit_number_counters function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init 
function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| redditNormalizeEmail boolean| _already_called_lintrk function| autoIdentify object| JSON3 function| setImmediate function| clearImmediate string| Integration function| normalize function| onYouTubeIframeAPIReady object| gaGlobal object| _0xf102 function| _0x20fb object| CG function| _cg_convert function| cg_convert function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property object| ORIBILI function| piResponse function| et_pb_init_woo_custom_button_icon object| zitag object| ZILogs function| loadZILogs function| errorHandler string| waypointContextKey object| _zi_fc object| regeneratorRuntime object| _zi object| ziws object| ttdEl object| loaderEl function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel function| _initClickagy object| _uid2SdkListenerLock function| setupUid2Sdk

29 Cookies

Domain/Path Name / Value
.horizon3.ai/ Name: _gcl_au
Value: 1.1.1636129981.1729084508
.horizon3.ai/ Name: _hjSessionUser_5039807
Value: eyJpZCI6IjU5MjUwZjE3LTAxZTMtNTQ1Mi05MjU5LTk1NjY1NTc5YzA1MyIsImNyZWF0ZWQiOjE3MjkwODQ1MDc5MzAsImV4aXN0aW5nIjpmYWxzZX0=
.horizon3.ai/ Name: _hjSession_5039807
Value: eyJpZCI6Ijc4NTUyZDJkLWNmYzEtNDdkMy05MTlmLWI0YWVhZTZmZmI3MiIsImMiOjE3MjkwODQ1MDc5MzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.g2crowd.com/ Name: __cf_bm
Value: .NXHsGSJJg8XHsE11L4U9rbfhQ2s2kAUtrxYcWxZHM4-1729084507-1.0.1.1-Q3bbSh_qKTY5xaJH4iVYKP7Px1wAzzEFp_eiUf8kfGEWxkkgDGHgCk8fDePGssD0YeDUlBYVsN6WR9sc98cwDw
www.horizon3.ai/ Name: cookielawinfo-checkbox-necessary
Value: yes
www.horizon3.ai/ Name: cookielawinfo-checkbox-functional
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-performance
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-analytics
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-advertisement
Value: no
www.horizon3.ai/ Name: cookielawinfo-checkbox-others
Value: no
.horizon3.ai/ Name: _rdt_uuid
Value: 1729084508195.336de8cb-093c-4896-81ab-faaa7140b1b3
.horizon3.ai/ Name: ajs_user_id
Value: null
.horizon3.ai/ Name: ajs_group_id
Value: null
.horizon3.ai/ Name: ajs_anonymous_id
Value: %220e9f2cc4-1910-40bd-9fb3-589933a80d38%22
.linkedin.com/ Name: bcookie
Value: "v=2&0468f93d-4588-43bd-828a-d37c2244c876"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjkwODQ1MDg7MjswMjFZSnzE6ERG9vubxo8YVAjKE4yP8lK9mWmfR7W/ollvTQ==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3355:u=1:x=1:i=1729084508:t=1729170908:v=2:sig=AQGHpwJwnfG2ts55ddr3nsuiT6YYKemp"
.horizon3.ai/ Name: _ga_V462VSRXXS
Value: GS1.1.1729084508.1.0.1729084508.60.0.289604410
.horizon3.ai/ Name: _ga
Value: GA1.1.139852431.1729084508
.pardot.com/ Name: visitor_id971073
Value: 141062671
.pardot.com/ Name: visitor_id971073-hash
Value: 2e872bab673655f01b235f7b1689d301c966a4ebc1d965d669d08282d0c5e86a1c34af0245c649d83b82133edfb28d0ef44b390d
pi.pardot.com/ Name: lpv971073
Value: aHR0cHM6Ly93d3cuaG9yaXpvbjMuYWkvYXR0YWNrLXJlc2VhcmNoL3BhbG8tYWx0by1leHBlZGl0aW9uLWZyb20tbi1kYXktdG8tZnVsbC1jb21wcm9taXNlLw%3D%3D
www.horizon3.ai/ Name: visitor_id971073
Value: 141062671
www.horizon3.ai/ Name: visitor_id971073-hash
Value: 2e872bab673655f01b235f7b1689d301c966a4ebc1d965d669d08282d0c5e86a1c34af0245c649d83b82133edfb28d0ef44b390d
go.horizon3.ai/ Name: visitor_id971073
Value: 141062671
go.horizon3.ai/ Name: visitor_id971073-hash
Value: 2e872bab673655f01b235f7b1689d301c966a4ebc1d965d669d08282d0c5e86a1c34af0245c649d83b82133edfb28d0ef44b390d
.www.horizon3.ai/ Name: _zitok
Value: 9f99174058af31da84141729084510
.zoominfo.com/ Name: __cf_bm
Value: WHmI5yrQAp1OEZpyOHBac3zIzZ7VNySBH0rRgt2xosw-1729084510-1.0.1.1-fF_V4NQUJzc_H_ILkHjxk54Ko8IsK_MKxHZHmDpCIpBCpjqWFka4Qrg0NigFyiRY.WB_Cm3rD11r9jC_6z0kfA
.zoominfo.com/ Name: _cfuvid
Value: O5xbPl5tA8iq3Ta7I8K.CBjnldW7HnKkDmls8HlGMV0-1729084510549-0.0.1.1-604800000

14 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:6c70bc42dec58f8d2a222a6ea3ee9585
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
