unit42.paloaltonetworks.com Open in urlscan Pro
92.123.151.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u33254697.ct.sendgrid.net/ls/click?upn=u001.rfmZKoSIQF-2FqHrRaNSBoL58hgwozEm7yYfUkAhtTJVPG-2Fjlt0DeOR0cmp7CXQ7IJx-2FS4XX8U...
Effective URL:
https://unit42.paloaltonetworks.com/cve-2024-3400/
Submission: On April 12 via api (April 12th 2024, 5:24:36 pm UTC) from IL — Scanned from IL

Summary HTTP 170 Redirects Links 76 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 33 domains to perform 170 HTTP transactions. The main IP is 92.123.151.6, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is unit42.paloaltonetworks.com. The Cisco Umbrella rank of the primary domain is 620881.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 18th 2023. Valid for: a year.

This is the only time unit42.paloaltonetworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1 46	92.123.151.6 92.123.151.6	16625 (AKAMAI-AS) (AKAMAI-AS)
20	23.197.4.130 23.197.4.130	16625 (AKAMAI-AS) (AKAMAI-AS)
20	23.211.8.45 23.211.8.45	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1 3	54.228.84.202 54.228.84.202	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
11	104.19.178.52 104.19.178.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
2	18.245.46.89 18.245.46.89	16509 (AMAZON-02) (AMAZON-02)
2	18.66.102.75 18.66.102.75	16509 (AMAZON-02) (AMAZON-02)
2	66.235.152.221 66.235.152.221	15224 (OMNITURE) (OMNITURE)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1 2	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
2	104.102.141.31 104.102.141.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.20.71.71 2.20.71.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
5	52.222.232.122 52.222.232.122	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	104.18.36.196 104.18.36.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	143.204.98.127 143.204.98.127	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	52.21.250.58 52.21.250.58	14618 (AMAZON-AES) (AMAZON-AES)
3	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
170	45

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u33254697.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 92.123.151.6 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-151-6.deploy.static.akamaitechnologies.com

unit42.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.197.4.130 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-4-130.deploy.static.akamaitechnologies.com

www.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.211.8.45 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-8-45.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.84.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-84-202.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

sstats.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-89.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-75.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.235.152.221 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-221.data.adobedc.net

paloaltonetworks.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.141.31 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-141-31.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.71.71 (Madrid, Spain)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-71-71.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

12123386.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.232.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-122.fra56.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.196 (None, )

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

531-ocs-018.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.250.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-250-58.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	paloaltonetworks.com 1 redirects unit42.paloaltonetworks.com — Cisco Umbrella Rank: 620881 www.paloaltonetworks.com — Cisco Umbrella Rank: 120184 sstats.paloaltonetworks.com — Cisco Umbrella Rank: 146803	2 MB
20	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 436	176 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 309	176 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 751 n.clarity.ms — Cisco Umbrella Rank: 6139 c.clarity.ms — Cisco Umbrella Rank: 1390	28 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 147	1 KB
5	cloudfront.net d10lpsik1i8c69.cloudfront.net	99 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 340 www.linkedin.com — Cisco Umbrella Rank: 609	3 KB
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 12123386.fls.doubleclick.net — Cisco Umbrella Rank: 324465	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 335 c.bing.com — Cisco Umbrella Rank: 233	16 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1586 insight.adsrvr.org — Cisco Umbrella Rank: 611 match.adsrvr.org — Cisco Umbrella Rank: 360	4 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 25941 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23383	2 KB
3	google.co.il www.google.co.il — Cisco Umbrella Rank: 15926	625 B
3	company-target.com api.company-target.com — Cisco Umbrella Rank: 4077 s.company-target.com — Cisco Umbrella Rank: 1323	2 KB
3	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 12275 tag.demandbase.com — Cisco Umbrella Rank: 4793 tag-logger.demandbase.com — Cisco Umbrella Rank: 4905	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	257 KB
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 240	2 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1904	11 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 6178 q.quora.com — Cisco Umbrella Rank: 4344	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 838	820 B
2	t.co t.co — Cisco Umbrella Rank: 678	494 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3766	6 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 633	17 KB
2	omtrdc.net paloaltonetworks.tt.omtrdc.net — Cisco Umbrella Rank: 331342	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	270 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 11289	1 KB
1	mktoresp.com 531-ocs-018.mktoresp.com — Cisco Umbrella Rank: 330425	318 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 822	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 543	428 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 788	15 KB
1	gstatic.com www.gstatic.com	202 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	sendgrid.net 1 redirects u33254697.ct.sendgrid.net	252 B
170	33

	Domain	Requested by
46	unit42.paloaltonetworks.com	1 redirects unit42.paloaltonetworks.com
20	assets.adobedtm.com	unit42.paloaltonetworks.com assets.adobedtm.com
20	www.paloaltonetworks.com	unit42.paloaltonetworks.com www.paloaltonetworks.com
11	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org unit42.paloaltonetworks.com
5	d10lpsik1i8c69.cloudfront.net	unit42.paloaltonetworks.com d10lpsik1i8c69.cloudfront.net
5	www.google.com	1 redirects unit42.paloaltonetworks.com www.gstatic.com
4	px.ads.linkedin.com	2 redirects unit42.paloaltonetworks.com snap.licdn.com
3	n.clarity.ms	www.clarity.ms
3	bat.bing.com	assets.adobedtm.com bat.bing.com unit42.paloaltonetworks.com
3	www.google.co.il	unit42.paloaltonetworks.com
3	www.googletagmanager.com	assets.adobedtm.com
3	sstats.paloaltonetworks.com	assets.adobedtm.com
3	dpm.demdex.net	1 redirects unit42.paloaltonetworks.com assets.adobedtm.com
2	c.clarity.ms	1 redirects
2	ml314.com	unit42.paloaltonetworks.com ml314.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	connect.facebook.net	unit42.paloaltonetworks.com connect.facebook.net
2	12123386.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.twitter.com	unit42.paloaltonetworks.com
2	t.co	unit42.paloaltonetworks.com
2	munchkin.marketo.net	assets.adobedtm.com munchkin.marketo.net
2	ssl.google-analytics.com	1 redirects unit42.paloaltonetworks.com
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	paloaltonetworks.tt.omtrdc.net	assets.adobedtm.com
2	api.company-target.com	assets.adobedtm.com tag.demandbase.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	c.bing.com	1 redirects
1	q.quora.com	unit42.paloaltonetworks.com
1	www.facebook.com	unit42.paloaltonetworks.com
1	a.quora.com	unit42.paloaltonetworks.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	tag-logger.demandbase.com	tag.demandbase.com
1	531-ocs-018.mktoresp.com	munchkin.marketo.net
1	s.company-target.com	tag.demandbase.com
1	js.adsrvr.org	assets.adobedtm.com
1	trk.techtarget.com	unit42.paloaltonetworks.com
1	tag.demandbase.com	unit42.paloaltonetworks.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	assets.adobedtm.com
1	scripts.demandbase.com	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.ads-twitter.com	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	unit42.paloaltonetworks.com
1	u33254697.ct.sendgrid.net	1 redirects
170	49

This site contains links to these domains. Also see Links.

Domain
www.paloaltonetworks.com
start.paloaltonetworks.com
docs.paloaltonetworks.com
www.facebook.com
twitter.com
www.linkedin.com
www.reddit.com
security.paloaltonetworks.com
support.paloaltonetworks.com
threatvault.paloaltonetworks.com
live.paloaltonetworks.com
www.volexity.com
www.cyberthreatalliance.org
github.com
paloaltonetworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.paloaltonetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-18` - `2024-05-18`	a year	crt.sh
*.paloaltonetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-28` - `2024-05-29`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
sstats.paloaltonetworks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2024-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.co.il GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-11` - `2024-06-27`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-21` - `2024-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.company-target.com R3	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
luckyorange.net GTS CA 1P5	`2024-03-30` - `2024-06-28`	3 months	crt.sh
quora.com R3	`2024-02-18` - `2024-05-18`	3 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.quora.com R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 7 frames:

Primary Page: https://unit42.paloaltonetworks.com/cve-2024-3400/
Frame ID: F33377B17BA88A3B4A9179E3D35B996B
Requests: 161 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o&co=aHR0cHM6Ly91bml0NDIucGFsb2FsdG9uZXR3b3Jrcy5jb206NDQz&hl=iw&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=tbme1tk0fqew
Frame ID: 89DF1E910B82D39EF3A98B39E41345EE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=iw&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o
Frame ID: 1F57D2A779F560793D23DFC700416468
Requests: 1 HTTP requests in this frame

Frame: https://12123386.fls.doubleclick.net/activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F
Frame ID: 053C6AF660DBFDE1FA132C8264112B34
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 7433336B6529E5D8FDB32CD312D7AAAE
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Frame ID: 3982B9F355946917009528851DA751A3
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0
Frame ID: 9C3C557E73344795805C0C1E73DF98D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

Page URL History Show full URLs

https://u33254697.ct.sendgrid.net/ls/click?upn=u001.rfmZKoSIQF-2FqHrRaNSBoL58hgwozEm7yYfUkAhtTJVPG-2Fjlt0DeOR0... HTTP 302
https://unit42.paloaltonetworks.com/cve-2024-3400 HTTP 301
https://unit42.paloaltonetworks.com/cve-2024-3400/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/
/etc\.clientlibs/

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

170
Requests

95 %
HTTPS

0 %
IPv6

33
Domains

49
Subdomains

45
IPs

5
Countries

2705 kB
Transfer

6161 kB
Size

77
Cookies

76 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paloaltonetworks.com/

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42
Title: Security Consulting

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/contact-unit42.html
Title: Under Attack?

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/about
Title: About Unit 42

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess
Title: Assess and Test Your Security Controls

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment
Title: Attack Surface Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review
Title: Breach Readiness Review

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/business-email-compromise
Title: BEC Readiness Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/compromise-assessment
Title: Compromise Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment
Title: Cyber Risk Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-dilligence
Title: M&A Cyber Due Diligence

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/penetration-testing
Title: Penetration Testing

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/purple-teaming
Title: Purple Team Exercises

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment
Title: Ransomware Readiness Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/soc-assessment
Title: SOC Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment
Title: Supply Chain Risk Assessment

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise
Title: Tabletop Exercises

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/retainer
Title: Unit 42 Retainer

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/transform
Title: Transform Your Security Strategy

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review
Title: IR Plan Development and Review

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/transform/security-program-design
Title: Security Program Design

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/transform/vciso
Title: Virtual CISO

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond
Title: Respond in Record Time

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response
Title: Cloud Incident Response

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond/digital-forensics
Title: Digital Forensics

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond/incident-response
Title: Incident Response

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond/managed-detection-response
Title: Managed Detection and Response

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting
Title: Managed Threat Hunting

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fcrypsis&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fresearch
Title: Threat Reports Downloadable, in-depth research reports

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report
Title: THREAT REPORT 2024 Unit 42 Incident Response Report Read now

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/content/pan/en_US/prisma/unit42-cloud-threat-research-volume-six
Title: THREAT REPORT Highlights from the Unit 42 Cloud Threat Report, Volume 6 Learn more

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/threat-intelligence-partners
Title: Threat Intelligence Sharing

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42/incident-response-partners
Title: Law Firms and Insurance Providers

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/unit42-threat-intel-bulletin.html
Title: Threat Intel Bulletin

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/unit-42-ransomware-threat-report.html
Title: THREAT REPORT 2022 Unit 42 Ransomware Threat Report: Understand trends and tactics to bolster defenses Learn more

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/industry/unit42-financial-services
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/industry/unit42-healthcare
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/industry/unit42-manufacturing
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/2023-unit42-ransomware-extortion-report
Title: THREAT REPORT 2023 Unit 42 Ransomware and Extortion Report: Get the latest multi-extortion trends and insights to keep your organization protected. Learn more

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/gartner-dfir-guide.html
Title: RESEARCH REPORT Gartner Market Guide for Digital Forensics and Incident Response Services Learn more

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/search#q=unit%2042&sort=relevancy&layout=card&numberOfResults=25
Title: Tech Docs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F+-+Threat+Brief%3A+Operation+MidnightEclipse%2C+Post-Exploitation+Activity+Related+to+CVE-2024-3400

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&title=Threat+Brief%3A+Operation+MidnightEclipse%2C+Post-Exploitation+Activity+Related+to+CVE-2024-3400&summary=&source=

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://unit42.paloaltonetworks.com/cve-2024-3400/

Search URL Search Domain Scan URL

URL: https://security.paloaltonetworks.com/CVE-2024-3400
Title: Palo Alto Networks Security Advisory

Search URL Search Domain Scan URL

URL: https://support.paloaltonetworks.com/
Title: Palo Alto Networks support

Search URL Search Domain Scan URL

URL: https://threatvault.paloaltonetworks.com/?query=95187
Title: Threat ID 95187

Search URL Search Domain Scan URL

URL: https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184
Title: LIVEcommunity article

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/device-telemetry/device-telemetry-configure/device-telemetry-disable
Title: temporarily disabling device telemetry

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400
Title: blog

Search URL Search Domain Scan URL

URL: https://www.cyberthreatalliance.org/
Title: Cyber Threat Alliance

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/ngfw
Title: Next-Generation Firewall

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/advanced-threat-prevention/administration
Title: Advanced Threat Prevention

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal-notices/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal-notices/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://twitter.com/Unit42_Intel

Search URL Search Domain Scan URL

URL: https://github.com/pan-unit42

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/resources
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/communities
Title: Communities

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/
Title: Tech Docs

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal
Title: Documents

Search URL Search Domain Scan URL

URL: https://start.paloaltonetworks.com/preference-center
Title: Manage Subscriptions

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/security-disclosure
Title: Report a Vulnerability

Search URL Search Domain Scan URL

URL: https://paloaltonetworks.com/resources/research/unit-42-incident-response-report
Title: 2024 Unit 42 Incident Response Report

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u33254697.ct.sendgrid.net/ls/click?upn=u001.rfmZKoSIQF-2FqHrRaNSBoL58hgwozEm7yYfUkAhtTJVPG-2Fjlt0DeOR0cmp7CXQ7IJx-2FS4XX8UXy-2FOnuHdgD7kPQ-3D-3DZ3Vo_xe6fOXjz6id-2FgGyhTJI-2FmntAo0gAdry6sqehMjQCGvBs6Msq4lWMkf1hXVVNPNHGOEaPZ5u66QQNHeh3C6hM-2FrF3ljmDAMw2jsc78a7oFMOOAx3CxNWsYM5eA5pr5vygRWINhVYZwte-2F9Z4-2Bd6nxd8id0Cm6PrQeJj7CK5kRfCxuFlXHA7zbPuNQ9pO6W1VV1vr1WvYq0zDUT2RGDyRQ5zwhqbIXjXFol4EJqfMF4TM-3D HTTP 302
https://unit42.paloaltonetworks.com/cve-2024-3400 HTTP 301
https://unit42.paloaltonetworks.com/cve-2024-3400/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026

Request Chain 118

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=494251326&utmhn=unit42.paloaltonetworks.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=he-il&utmje=0&utmfl=-&utmdt=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&utmhid=452732511&utmr=-&utmp=%2Fcve-2024-3400%2F&utmht=1712942669662&utmac=UA-494959-2&utmcc=__utma%3D85376408.1688756973.1712942669.1712942670.1712942670.1%3B%2B__utmz%3D85376408.1712942670.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412290351&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326 HTTP 302
https://www.google.co.il/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326&slf_rd=1&random=2955507729

Request Chain 119

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1117%26time%3D1712942669677%26li_adsId%3D6cacb6bb-93ee-4d79-b310-e3d353de73fe%26url%3Dhttps%253A%252F%252Funit42.paloaltonetworks.com%252Fcve-2024-3400%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest=true&liSync=true

Request Chain 120

https://12123386.fls.doubleclick.net/activityi;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F HTTP 302
https://12123386.fls.doubleclick.net/activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F

Request Chain 156

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&RedC=c.clarity.ms&MXFR=33F4157A1C6A68642A390125186A6617 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&MUID=09EE6B8F42F46749104D7FD0438966CC

Request Chain 159

https://insight.adsrvr.org/track/up?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0

170 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
unit42.paloaltonetworks.com/cve-2024-3400/
Redirect Chain

https://u33254697.ct.sendgrid.net/ls/click?upn=u001.rfmZKoSIQF-2FqHrRaNSBoL58hgwozEm7yYfUkAhtTJVPG-2Fjlt0DeOR0cmp7CXQ7IJx-2FS4XX8UXy-2FOnuHdgD7kPQ-3D-3DZ3Vo_xe6fOXjz6id-2FgGyhTJI-2FmntAo0gAdry6sqeh...
https://unit42.paloaltonetworks.com/cve-2024-3400
https://unit42.paloaltonetworks.com/cve-2024-3400/

146 KB
31 KB

150ms
149ms

Document
text/html

92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e5f0381930f2c032840f3601bcf647ed2b42b8fedd65199864aeaa27f148a0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 31724
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Apr 2024 17:24:25 GMT
Link: <https://unit42.paloaltonetworks.com/wp-json/>; rel="https://api.w.org/", <https://unit42.paloaltonetworks.com/wp-json/wp/v2/posts/133365>; rel="alternate"; type="application/json", <https://unit42.paloaltonetworks.com/?p=133365>; rel=shortlink
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Apr 2024 17:24:25 GMT
Location: https://unit42.paloaltonetworks.com/cve-2024-3400/
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Redirect-By: WordPress

GET
H2 200 criticalTop.min.css
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 58 KB
5 KB 374ms
126ms Stylesheet
text/css 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTop.min.css

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2603910bd5da680dbb063e5772f2f9d722150e08f8a21d65dbd214810ed1e5f7

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 09:06:46 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942665483_34831290_99913142_39_9670_53_119_255";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 4694
expires: Mon, 15 Apr 2024 17:24:25 GMT

GET
H2 200 criticalTopProductNav.min.css
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 37 KB
3 KB 435ms
188ms Stylesheet
text/css 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.css

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

351cb79f16546f26c862b782233ada0a5aec6366fb29dadcdb971f699b98bdd3

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 27 Mar 2024 19:44:21 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942665604_34831290_99913144_269_8915_53_0_255";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 3140
expires: Mon, 15 Apr 2024 17:24:25 GMT

GET
H2 200 deferedProductNav.min.css
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 133 KB
9 KB 385ms
138ms Stylesheet
text/css 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/deferedProductNav.min.css

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3919066c108df4a52f94cafa0150ebf05597c1d249874566b887d1e9ecc6d825

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 02 Apr 2024 03:08:24 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712942665603_34831290_99913143_236_9752_53_0_255";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 8657
expires: Mon, 15 Apr 2024 17:24:25 GMT

GET
H/1.1 200
OK crayon.min.css
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
4 KB 159ms
130ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "4ecc-6118021367da6"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3959

GET
H/1.1 200
OK classic.css
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
1011 B 283ms
123ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "1110-611802136eb06"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 727

GET
H/1.1 200
OK monaco.css
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/ 529 B
523 B 354ms
124ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "211-61180213698fe"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240

GET
H/1.1 200
OK style.min.css
unit42.paloaltonetworks.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 479ms
231ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "19824-6118021488300"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13841

GET
H/1.1 200
OK dashicons.min.css
unit42.paloaltonetworks.com/wp-includes/css/ 58 KB
35 KB 762ms
514ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-includes/css/dashicons.min.css?ver=6.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "e688-61180214867a8"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35749

GET
H/1.1 200
OK frontend.min.css
unit42.paloaltonetworks.com/wp-content/plugins/post-views-counter/css/ 217 B
452 B 483ms
235ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "d9-611802137a687"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217

GET
H/1.1 200
OK frontend.min.css
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/css/ 101 KB
15 KB 661ms
404ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.13.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf1fb343613ce155b53f2d3eb5c0dbcf7336cc5ce325ae585ab6533d9467bffb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "19584-611802142e192"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15203

GET
H/1.1 200
OK flatpickr.min.css
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 14 KB
3 KB 411ms
130ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.13.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "3601-611802142e962"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2795

GET
H/1.1 200
OK select2.min.css
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 494ms
141ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "3a75-6118021433b6b"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1993

GET
H/1.1 200
OK style.min.css
unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
601 B 532ms
121ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "38c-61180213d9de5"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 318

GET
H/1.1 200
OK style.min.css
unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-post-translations/ 563 B
499 B 651ms
174ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-post-translations/style.min.css?ver=1
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2fff39fc60bd268cd34d270f80d39a61bd875100c73d7cfb3ac2c93166e8542d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "233-61180213da1cd"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 216

GET
H/1.1 200
OK wpp.css
unit42.paloaltonetworks.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
853 B 656ms
175ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.1
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "688-61180213f8dff"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570

GET
H/1.1 200
OK main.css
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/ 149 KB
25 KB 638ms
145ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d0031e74e4a3ec284c971fbeb6dc844aa88c9cab66f3caf4d143eef0061fa525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Fri, 12 Apr 2024 17:24:25 GMT
Last-Modified: Wed, 10 Apr 2024 10:36:14 GMT
Server: Apache
ETag: "25572-615bb9ba18f90-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25182

GET
H/1.1 200
OK jquery.min.js Show response
unit42.paloaltonetworks.com/wp-includes/js/jquery/ 85 KB
86 KB 667ms
136ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:25 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "155ba-61180214ad4c2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87482

GET
H/1.1 200
OK jquery-migrate.min.js Show response
unit42.paloaltonetworks.com/wp-includes/js/jquery/ 13 KB
14 KB 810ms
159ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "3509-61180214ac522"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13577

GET
H/1.1 200
OK crayon.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
22 KB 821ms
166ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=_2.7.2_beta
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "5741-611802136a89e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22337

GET
H/1.1 200
OK flatpickr.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
50 KB 843ms
184ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.13.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "c5a4-611802142e962"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50596

GET
H/1.1 200
OK select2.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
69 KB 819ms
144ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.13.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "114c3-6118021433b6b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70851

GET
H/1.1 200
OK wpp.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 866ms
130ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "bd7-61180213f99b7"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1377

GET
H/1.1 200
OK xdomain-data.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ 3 KB
4 KB 175ms
174ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/sitepress-multilingual-cms/res/js/xdomain-data.js?ver=4.6.9
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 68b324a6179651d56917d3b1f3f5d0a1e71b08550b1468790826dde5e22b2b56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "d2d-61180213d8e45"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3373

GET
H2 200 launch-425c423d843b.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/ 636 KB
149 KB 371ms
122ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 48174261359bbd4fc8cd1d353a3ecfd21dff57014432bfff6ec7dad357c94197

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:00 GMT
server: AkamaiNetStorage
etag: "ea4859ed563bd2113cbdd818f94f6fb4:1712834040.073466"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 151836
expires: Fri, 12 Apr 2024 18:24:26 GMT

GET
H2 200 attribution.js Show response
www.paloaltonetworks.com/content/dam/pan/en_US/includes/ 10 KB
3 KB 373ms
133ms Script
application/javascript 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/attribution.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3345e1d5601514a1fa98397e817d7c940715b82c438d16183ebc990b1904c052

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 03 Apr 2024 02:21:50 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942665603_34831290_99913145_43_9615_53_0_219";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 2184
expires: Mon, 15 Apr 2024 17:24:25 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
854 B 366ms
127ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

8e900bdcaa74e0eb091e739805ab04350357416fbaab54a5ac7d5d6f81bbdb4f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Apr 2024 17:24:25 GMT

GET
H/1.1 200
OK PANW_Parent.png
unit42.paloaltonetworks.com/wp-content/uploads/2021/07/ 9 KB
10 KB 142ms
141ms Image
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unit42.paloaltonetworks.com/wp-content/uploads/2021/07/PANW_Parent.png
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ec11303a508ae99cfde8da8d8418863f5c44c6e4d9ad85d89b751711810ccbe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Mon, 14 Nov 2022 10:43:32 GMT
Server: Apache
ETag: "2583-5ed6be924f16c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9603

GET
H/1.1 200
OK unit42-logo-white.svg
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/ 3 KB
3 KB 122ms
122ms Image
image/svg+xml 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/unit42-logo-white.svg
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ce8287c3e0aa69b9b84e99fefcd63c5aa3e5f91d59852efad2a446efb3f07595

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "b20-611802146cd7e"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2848

GET
H/1.1 200
OK wpdevart_lightbox_front.css
unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/style/ 1 KB
717 B 132ms
132ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/style/wpdevart_lightbox_front.css?ver=6.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a245df6da22f0700461deb2f6f840edce1f07613bab8e44eaa076f97bc40995f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "528-6118021378b2f"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 434

GET
H/1.1 200
OK effects_lightbox.css
unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/style/ 20 KB
2 KB 164ms
164ms Stylesheet
text/css 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/style/effects_lightbox.css?ver=6.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b350cde8333b78d909635b54c3f50fd72d38abcb67cf4ee1a3a212be1d775768

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "5017-6118021378747"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1359

GET
H/1.1 200
OK frontend.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/post-views-counter/js/ 3 KB
2 KB 132ms
132ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.3
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d773a880466112a1e5b64abbbc09e1acc76c800ecd0e6027ac526b98fe960044

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "a6d-611802137b23f"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1302

GET
H/1.1 200
OK frontend.min.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/js/ 18 KB
18 KB 151ms
150ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.13.0
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5b5d70daf9c93c1ef917e14b6db8626fcc5e5a5d71368caa2616c303789be096

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "4707-6118021433783"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18183

GET
H/1.1 200
OK fancybox.js Show response
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/scripts/ 140 KB
140 KB 174ms
172ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/scripts/fancybox.js
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b849ac9311853409dafdd2928bffaa5e78d9a3fbb3739080488b01c2a5788901

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "22f9e-611802146d54e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143262

GET
H/1.1 200
OK main.js Show response
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/scripts/ 124 KB
124 KB 135ms
133ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/scripts/main.js
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf10b8926160d5ac5e3e6fc235a7499e91f04b0097d37bac51efe1c5ed61d92b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "1ee21-611802146e4ee"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126497

GET
H/1.1 200
OK wpdevart_lightbox_front.js Show response
unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/javascript/ 52 KB
9 KB 160ms
158ms Script
application/javascript 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/wp-content/plugins/lightbox-popup/includes/javascript/wpdevart_lightbox_front.js?ver=1.0

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e883b663a943fd1629f7ff06fe7beb9971d8a720c37416a2d7af18a1a9c7dcff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Thu, 11 Apr 2024 06:32:24 GMT
Server: Apache
ETag: "ce33-615cc51799d9c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9053

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 398ms
147ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 17:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 17:02:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 17:24:26 GMT

POST
H/1.1 200
OK popular-posts Show response
unit42.paloaltonetworks.com/wp-json/wordpress-popular-posts/v1/ 0
219 B 486ms
486ms XHR
text/html 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 12 Apr 2024 17:24:26 GMT
Server: Apache
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 recaptcha__iw.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 525 KB
202 KB 361ms
118ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__iw.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d9a8953bf5bdf24a0aeda1180631536ddcb47da94f1e9fa4e866da73c8383de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 17:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206167
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Apr 2025 17:10:22 GMT

GET
H/1.1 200
OK unit-nav-renderer.php Show response
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/ 34 KB
6 KB 263ms
140ms XHR
text/html 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/unit-nav-renderer.php

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

69ebf4a4e8627a9b9ea12a4850e5f3681ee0ba6a6970cc1ae5d35f275eb5cf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Fri, 12 Apr 2024 17:24:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 5547

GET
H2 200 x-black.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 268 B
519 B 140ms
139ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

37c5694161fda223034cd9fe184f6801ce2564b8952482a67bdcb871431492d8

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 27 Mar 2024 18:20:55 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712942666737_34831290_99913885_171_9030_53_0_146";dur=1
accept-ranges: bytes
content-length: 160
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 unit42-logo-dark.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 4 KB
2 KB 128ms
127ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/unit42-logo-dark.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

789094003d7990c9a6943bf5ea8a789ac2701810361a2c84a815ed08e277efdc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 03 Apr 2024 02:10:56 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666738_34831290_99913886_153_8096_53_0_146";dur=1
accept-ranges: bytes
content-length: 1426
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 search-black.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 328 B
567 B 141ms
140ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

71f8892d3e3883e5fdf73032c7ab583e52fad50ce2d684084dbe6ded853c6b67

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 08:57:17 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666738_34831290_99913887_220_8272_53_0_146";dur=1
accept-ranges: bytes
content-length: 208
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 arrow-right-black.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 218 B
506 B 141ms
140ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0f99161d83c288e754f5f7af3d0fc0e47e3e2289d5bf6f3df964d33785ec30a9

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 03 Apr 2024 02:50:29 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666746_34831290_99913888_907_10898_53_0_146";dur=1
accept-ranges: bytes
content-length: 145
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 logo-default.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 452 B
608 B 142ms
141ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-default.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

9a0292e0cbc4b30386d1d5c106a5755e1fb924d7569d9a23f9e3e7162996becc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 09:51:45 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666737_34831290_99913889_66_9119_53_0_146";dur=1
accept-ranges: bytes
content-length: 250
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 arrow-right-white.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 218 B
502 B 129ms
128ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-white.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

92335224b64f5f098468fe62b305c351fa91bbe7ac8d25b20d82b599b9797d72

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Mon, 01 Apr 2024 01:57:02 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666737_34831290_99913890_45_9077_53_0_146";dur=1
accept-ranges: bytes
content-length: 143
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 unit42-logo-light.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 4 KB
2 KB 134ms
134ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/unit42-logo-light.svg

Requested by

Host: www.paloaltonetworks.com
URL: https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6421dd8a8110c77dae085c2cbefa53caf58c82307e451fa3ac65718f3b36c232

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.css
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 10:47:08 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666749_34831290_99913899_162_8879_53_0_146";dur=1
accept-ranges: bytes
content-length: 1423
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 search-white.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 328 B
568 B 133ms
133ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-white.svg

Requested by

Host: www.paloaltonetworks.com
URL: https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4b098a83820406ee35112a0086bcbfaf8dfd357c06d5de16e34fd2c1b2c7d58a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.css
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Sat, 06 Apr 2024 11:15:54 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666749_34831290_99913900_137_8895_53_0_146";dur=1
accept-ranges: bytes
content-length: 209
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 Decimal-Semibold-Pro_Web.woff2
www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/ 47 KB
47 KB 384ms
152ms Font
application/octet-stream 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/Decimal-Semibold-Pro_Web.woff2

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c223ad34b1e80d587f2f26db6117a8f29e85e00e05b930e50770f97e245084dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15811200
content-security-policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
date: Fri, 12 Apr 2024 17:24:27 GMT
last-modified: Fri, 05 Apr 2024 10:16:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666874_34831290_99914040_40_9597_53_0_255";dur=1
accept-ranges: bytes
content-length: 47819
expires: Fri, 19 Apr 2024 17:24:27 GMT

GET
H2 200 Decimal-Medium-Pro_Web.woff2
www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/ 50 KB
50 KB 488ms
256ms Font
application/octet-stream 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/Decimal-Medium-Pro_Web.woff2

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9c1d6395615cae4aa62776a2acbe73a24819df1b1773845fa3e99fe828783961

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15811200
content-security-policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
date: Fri, 12 Apr 2024 17:24:27 GMT
last-modified: Fri, 05 Apr 2024 10:16:12 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942667017_34831290_99914041_35_9672_53_142_255";dur=1
accept-ranges: bytes
content-length: 50943
expires: Fri, 19 Apr 2024 17:24:27 GMT

GET
H2 200 criticalTopBase.min.js Show response
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 2 KB
994 B 189ms
188ms Script
application/javascript 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopBase.min.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

013bba7b7113817ba1ad5219806cae1dcaa05e1a865f875b5abc303b874108fc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Wed, 03 Apr 2024 02:17:17 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=25, ak_p; desc="1712942666798_34831290_99913919_2619_8042_54_0_146";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 596
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 criticalTopProductNav.min.js Show response
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 7 KB
2 KB 172ms
172ms Script
application/javascript 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/criticalTopProductNav.min.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

45b46b7497d7aae8e48cd4972c5d78ddc05e72dd77c9ad30839bec3a5c33a674

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 10:28:14 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666796_34831290_99913920_78_9338_53_0_146";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1929
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H2 200 defered.min.js Show response
www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/ 21 KB
6 KB 164ms
164ms Script
application/javascript 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc.clientlibs/panClean/components/mainNavigationComp/clientlibs/panClean/defered.min.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6d455d957f6da8406bc1c9123512f104fa348800a0141fc0e5ada3fa332c0edf

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Tue, 09 Apr 2024 10:29:11 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942666796_34831290_99913922_38_9290_53_0_146";dur=1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 5609
expires: Mon, 15 Apr 2024 17:24:26 GMT

GET
H/1.1 200
OK unit42-icon-grey.svg
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/ 793 B
753 B 134ms
133ms Image
image/svg+xml 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/unit42-icon-grey.svg
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 18c14e773ddd0002e4da1176390b7cc121c2e753e216e7ce3467bd303ccfd3d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "319-611802146cd7e"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 465

GET
H/1.1 200
OK buttons.png
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/ 2 KB
2 KB 146ms
146ms Image
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/buttons.png
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "8bc-6118021367da6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2236

GET
H/1.1 200
OK twitter-x-black-new.svg
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/ 1008 B
807 B 133ms
132ms Image
image/svg+xml 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/images/svg/twitter-x-black-new.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3771d42912a6896d0148299bfae4f5d30491f5b984e06c585eef4b856bf34a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Tue, 26 Mar 2024 09:03:55 GMT
Server: Apache
ETag: "3f0-6148c91e2800b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 455

GET
H/1.1 200
OK unit42-scope.ttf
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/ 4 KB
5 KB 147ms
146ms Font
application/font-sfnt 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/unit42-scope.ttf?9e4c90
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: df35525390ccc434316ed0514469c12c622dd89e107148f71ab8b5256d06cc9b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
ETag: "1198-6118021462586"
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4504

GET
H/1.1 200
OK LatoLatin-Black.woff2
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/ 42 KB
43 KB 226ms
225ms Font
application/octet-stream 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/LatoLatin-Black.woff2
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e2c997abb38ede2240d957b57a3216882e8416b1f757f26b92128a8875e00e73

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
Connection: keep-alive
Accept-Ranges: bytes
ETag: "a9c0-611802145b825"
Content-Length: 43456

GET
H/1.1 200
OK LatoLatin-Regular.woff2
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/ 43 KB
43 KB 229ms
128ms Font
application/octet-stream 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/LatoLatin-Regular.woff2
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
Connection: keep-alive
Accept-Ranges: bytes
ETag: "aaf0-6118021460a2d"
Content-Length: 43760

GET
H/1.1 200
OK LatoLatin-Bold.woff2
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/ 43 KB
44 KB 273ms
171ms Font
application/octet-stream 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/fonts/LatoLatin-Bold.woff2
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/dist/styles/main.css?v3
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:51 GMT
Server: Apache
Connection: keep-alive
Accept-Ranges: bytes
ETag: "ad5c-611802145c3dd"
Content-Length: 44380

GET
H/1.1 200
OK monaco-webfont.woff
unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/ 21 KB
21 KB 272ms
161ms Font
application/font-woff 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/monaco-webfont.woff
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:50 GMT
Server: Apache
ETag: "537c-61180213698fe"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21372

GET
H/1.1 200
OK Threat-brief-r3d2.png
unit42.paloaltonetworks.com/wp-content/uploads/2024/04/ 323 KB
323 KB 125ms
125ms Image
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unit42.paloaltonetworks.com/wp-content/uploads/2024/04/Threat-brief-r3d2.png

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c42e9cd97267318bddd74cc5072be5c3eca2a43947fb7c36d9ded6caabb1fe8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 12 Apr 2024 17:24:26 GMT
Last-Modified: Fri, 12 Apr 2024 15:30:47 GMT
Server: Apache
ETag: "50a91-615e7f4b98f47"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 330385

POST
H/1.1 200
OK admin-ajax.php Show response
unit42.paloaltonetworks.com/wp-admin/ 136 B
742 B 681ms
550ms Fetch
text/html 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unit42.paloaltonetworks.com/wp-admin/admin-ajax.php

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f4424b49e0a0f2e8fde41b393ce2c7afd9dd4b4e0d226e7f75541c37f47a4e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 12 Apr 2024 17:24:27 GMT
Connection: keep-alive
Content-Length: 129
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://unit42.paloaltonetworks.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Expires: Fri, 12 Apr 2024 17:24:27 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026

217 B
825 B

132ms
132ms

XHR
application/json

54.228.84.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Server

54.228.84.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-84-202.eu-west-1.compute.amazonaws.com

Software

Resource Hash

abb2087210446cbaedf71394dcf010dee59f6782fc99b2cbc277ee0a162d5bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v060-0f8336d9f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 12 Apr 2024 17:24:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: EqtFHrV8TBY=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 213
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v060-07acbf80b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 12 Apr 2024 17:24:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 4A9ObRCuQs0=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1712942667026
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 121ms
121ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Fri, 12 Apr 2024 18:24:27 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 125ms
125ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Fri, 12 Apr 2024 18:24:27 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 379ms
120ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220085-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 213ms
78ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 86101
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 02:16:11 GMT
server: cloudflare
etag: 0x8DC59CD5B97611E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0acd866-601e-005b-392a-8c00b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8f62860e3db-TLV

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 89DF 0
0 388ms
151ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o&co=aHR0cHM6Ly91bml0NDIucGFsb2FsdG9uZXR3b3Jrcy5jb206NDQz&hl=iw&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=tbme1tk0fqew

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__iw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mMkoFOmroDJr2TnopOOe6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mMkoFOmroDJr2TnopOOe6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 17:24:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 8380accb-00d6-4b05-90ec-6d405f7310d6.json Show response
cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/ 5 KB
2 KB 233ms
103ms XHR
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/8380accb-00d6-4b05-90ec-6d405f7310d6.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba436e29a2c0cc102db63b1405f3498fa01e28662e5413bbd460c7be1103bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35678
content-md5: Gdu5pXKfQvcnYi1RzkO76A==
content-length: 1798
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2024 11:32:28 GMT
server: cloudflare
etag: 0x8DC473F17A7E2D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dfa8a074-701e-009c-2a09-7c94e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8f78d37e3d7-TLV
expires: Sat, 13 Apr 2024 17:24:27 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
428 B 228ms
98ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8734e8f8f81fe3d7-TLV
access-control-allow-headers: Content-Type

GET
H2 200 id Show response
sstats.paloaltonetworks.com/ 48 B
478 B 356ms
119ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=9A531C8B532965080A490D4D%40AdobeOrg&mid=74651174017486232630115124683999594441&ts=1712942667559

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

253986ae8f8555cea918d960c8674fb8eace0c93bd2f323031b08bb1f3de8d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Apr 2024 17:24:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 78ms
78ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 40972
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8f99e06e3db-TLV

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/018df4a9-4a0d-75e2-bc86-b4105f493f68/ 146 KB
32 KB 97ms
97ms Fetch
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/018df4a9-4a0d-75e2-bc86-b4105f493f68/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0894d66cd47070993e0dd1c832ee05978c6ea4ef1dc452c878fd64a95f1ee787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35679
content-md5: obxe/QKDJM8xJfx22ZiWRA==
content-length: 32207
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2024 11:32:37 GMT
server: cloudflare
etag: 0x8DC473F1D11D0C6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 38c3d830-c01e-000f-7809-7c4fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8fb1beee3d7-TLV
expires: Sat, 13 Apr 2024 17:24:28 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 85ms
84ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KLWFssuowJEtDumTaVZD/A==
age: 35679
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
server: cloudflare
etag: 0x8DC497526A04834
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8bb68bd1-c01e-006d-2626-7c8dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8fc4e62e3d7-TLV

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 62 KB
13 KB 109ms
108ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZcF16z2xXnh51d4MuKhe/w==
age: 29446
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12808
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC497527F063BE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2642379d-a01e-008f-6ec3-7bb0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8fc4e68e3d7-TLV

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 80ms
79ms Fetch
text/css 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 29446
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 56fa205d-c01e-006d-6a60-7b8dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8734e8fc4e69e3d7-TLV

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
99 KB 379ms
137ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e298f061795a29026418ba494d572c118e15a01eb92eb0e5bb7d989e4a5408ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 17:24:28 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 217 B
834 B 131ms
131ms XHR
application/json 54.228.84.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&d_mid=74651174017486232630115124683999594441&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=ecid_id%0174651174017486232630115124683999594441%011&ts=1712942668175

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.228.84.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-84-202.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dbf6d8c90fdd2bf4b8ebf961fa4dc6e72176eb900819cd82f5f2f4ce8e64864c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v060-0c1dab532.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: kkQ7UabDRFU=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
x-error: 300
content-length: 211
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 e78feef73ff94c88.min.js Show response
scripts.demandbase.com/adobeanalytics/ 5 KB
3 KB 368ms
117ms Script
application/javascript 18.245.46.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/adobeanalytics/e78feef73ff94c88.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-89.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c9c183c8efe02b849d685a1a9b5989159335f62e89d0510162efef636d90c84e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 42._nTKlB0W0a7nUUVM5_0UTxFNlGqWt
content-encoding: gzip
via: 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
date: Fri, 12 Apr 2024 05:22:09 GMT
last-modified: Thu, 11 Feb 2021 17:03:06 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 43384
etag: W/"2c4db711e40a8d2f0e54d9ff6d4a1c6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: 8WZXoGIcca8_D1OMjL1C0JonQ8DqR_8X7XILTAQeNAifCyZ3Q6M4tg==

GET
H2 200 RC28af36aced42454081fe164153d8348f-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 354 B
486 B 125ms
125ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC28af36aced42454081fe164153d8348f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cfc33e590cf809e494f4305e2cbb199096b553439a0dea8f0b4832bdf192e8ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:28 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 223
expires: Fri, 12 Apr 2024 18:24:28 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 74ms
74ms Image
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 36601
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 16:21:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a4b11dba-201e-004a-5288-8c9a0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8734e8fd1c31e3db-TLV

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 80ms
79ms Fetch
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 29446
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 16:21:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 36938061-101e-001c-5297-8c6be3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8734e8fd2ff3e3d7-TLV

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 78ms
77ms Image
image/png 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 48519
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 16:21:27 GMT
server: cloudflare
etag: 0x8DC5A4370955081
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 079ec9a3-201e-0075-4388-8c52af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8734e8fd3c5be3db-TLV

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 79ms
79ms Image
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 40884
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 16:21:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: db615932-101e-0023-5a43-8ca340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8734e8fd3c5ee3db-TLV

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
1 KB 406ms
166ms Script
application/javascript 18.66.102.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?auth=mTSWoP7tDDj1bmrfd7DoCwq1MAt3SukHko7rQP5o&callback=Dmdbase_CDC.callback
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e761de8e6a6da96985c89bad27c4b8d8fba994a88125ecdccdb14b3f12eeb56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:28 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
api-version: v2
request-id: 6f9d0877-e3fb-4bea-9622-e52f084e5e54
x-amz-cf-id: 5ydWYcTaFYfPJzaMSUkfnvf_lk-FH50fWocYYPdS_QYZZKtfGMmqeQ==
expires: Thu, 11 Apr 2024 17:24:28 GMT

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 1F57 0
0 133ms
129ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=iw&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__iw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1VaSF8V6vygIQRJ7SBUDGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1VaSF8V6vygIQRJ7SBUDGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 17:24:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
paloaltonetworks.tt.omtrdc.net/rest/v1/ 35 KB
7 KB 441ms
156ms XHR
application/json 66.235.152.221
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://paloaltonetworks.tt.omtrdc.net/rest/v1/delivery?client=paloaltonetworks&sessionId=a8202364c226478aac30088392b023c0&version=2.10.3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

f0f8297af6690316b315d6e33ec65b3df2a827e3b4364f516f454e5bc03a124c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 20cf712b-6262-4fac-8efa-43cdf48244e1

GET
H2 200 RC1ba209eafbf24a43b52ee8d5ad4fddb4-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 662 B
663 B 128ms
126ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC1ba209eafbf24a43b52ee8d5ad4fddb4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9f5dcaa7482de7a0ceb01f30b7731db2d6c98e2db7d31b58647effefdca45ca

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 400
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RCa6b75a1a06db41fcba7618ecd1def1f2-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 630 B
648 B 128ms
127ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCa6b75a1a06db41fcba7618ecd1def1f2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 96f5448fff9d445e080e2485513a9e70b7fa141ba295e3c45b2f828ff23ef6bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 384
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RC34b76ac432444262961778f97b726c8f-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 3 KB
999 B 146ms
145ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC34b76ac432444262961778f97b726c8f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b44d4b521f52cdbd4ccf5783c953f127b92edf92da773c4f355ca2fdba31e8d3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 735
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RC082a66fa0b6747cb92eab7a905827129-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 1 KB
891 B 127ms
126ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC082a66fa0b6747cb92eab7a905827129-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 939a2e63d498e26ea2554a148a2d0f53c49720652f4c602aaca74a600ef314d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 627
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RCacab78eb80cf481aaf1d501e13504c2f-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 729 B
689 B 127ms
127ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCacab78eb80cf481aaf1d501e13504c2f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a563fe17ead20f9da7790f6892a9efe8b5a109a85c4d1ebc9778649496a0a2bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 425
expires: Fri, 12 Apr 2024 18:24:29 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
262 B 303ms
119ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KS2MELEEFC&gtm=45je44a0v880354802za200&_p=1712942668173&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tt=&cid=1688756973.1712942669&ul=he-il&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&uid=&dl=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&sid=1712942669&sct=1&seg=0&dt=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&ep.channel=unit42&ep.container=&ep.db_comp_employee_range=&ep.db_comp_industry=&ep.db_comp_name=&ep.db_comp_sub_industry=&ep.db_comp_web_site=&ep.gtm_internalonlytags=&ep.page_name=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&ep.target_audience_persona=&ep.search_term=&tfd=5722
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 354ms
117ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KS2MELEEFC&cid=1688756973.1712942669&gtm=45je44a0v880354802za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 393ms
145ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KS2MELEEFC&cid=1688756973.1712942669&gtm=45je44a0v880354802za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=293945075

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 380ms
119ms Script
text/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 16:11:51 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4358
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 12 Apr 2024 18:11:51 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 614ms
206ms Script
application/x-javascript 104.102.141.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.141.31 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-141-31.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 375ms
124ms Script
application/javascript 2.20.71.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.71.71 Madrid, Spain, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-20-71-71.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 07:42:51 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25821
accept-ranges: bytes
content-length: 17238

GET
H2 200 RC13e9f22b2bc04577a29e9d3b7ee63319-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 579 B
628 B 120ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC13e9f22b2bc04577a29e9d3b7ee63319-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4dbd791d454fa9a2fc189a4dd70e583059c6e24bfd3d7980f016dbcf7498a88d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 364
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RCdb082c988a4b49f89e6c7977a48a7cbc-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 2 KB
1 KB 122ms
121ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCdb082c988a4b49f89e6c7977a48a7cbc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 87b86cadece9b98f6248b8b6ec7187ec2579e69c94c4b9589e8385d0162fbb1e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 871
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RC907e8db187884e00b0a52415cea7d3bb-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 1 KB
873 B 121ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC907e8db187884e00b0a52415cea7d3bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5b9f64af57093c3ea1d2898a2cf985f4bd12933f5367a1cd5c8db3e71b385a05

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 609
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 285ms
147ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 12 Apr 2024 17:24:28 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F25115D10D64A4CBB2A649FDD908425 Ref B: TLV30EDGE0121 Ref C: 2024-04-12T17:24:29Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 RCf6d5e26d452f4c7c9f8c8fd1b87a3dc2-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 797 B
725 B 121ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCf6d5e26d452f4c7c9f8c8fd1b87a3dc2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 70b62699855b1bd30c696b1797adb66b41dd584e253ed4f8abe0ca4d245ccd4d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 461
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 561ms
312ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3ba4144d-003b-4233-abd6-cad627fedf01&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40807aa2-26bf-4d72-9ee7-642780ffb3ed&tw_document_href=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx71z&type=javascript&version=2.3.30

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 191
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: aad73d5f7cba092f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 696f91257de5ac8febb3f3f29756dbdf44e887c3963dc15ff03ef940da58085a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 577ms
304ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3ba4144d-003b-4233-abd6-cad627fedf01&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40807aa2-26bf-4d72-9ee7-642780ffb3ed&tw_document_href=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx71z&type=javascript&version=2.3.30

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 173
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a67de72c7c23fad5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: c36a7e6a16469b514d8332547ddc88c298dcaa9a2723f3b9d4c6aca18ef56e20
content-length: 43

GET
H2 200 RC34ff6b65ee6a440dbe8e14e408a797c5-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 704 B
698 B 120ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC34ff6b65ee6a440dbe8e14e408a797c5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 49b09b2bc843604d649192a9968ecb03324caad58e71bea935df27b0d1e280d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 434
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 132ms
132ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-836073641

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5967a0bdc33f6d9cdf4d5cee3616352d2fd8364783b962dbd699524f24a981b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88911
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 17:24:29 GMT

POST
H2 200 s54257708222823 Show response
sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/ 43 B
351 B 120ms
120ms XHR
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/s54257708222823

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 13 Apr 2024 17:24:29 GMT
server: jag
etag: 3678516372280705024-4618548927946274991
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 11 Apr 2024 17:24:29 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/836073641/ 3 KB
1 KB 406ms
156ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/836073641/?random=1712942669331&cv=11&fst=1712942669331&bg=ffffff&guid=ON&async=1&gtm=45be44a0v873032592za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&hn=www.googleadservices.com&frm=0&tiba=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&npa=0&pscdl=noapi&auid=583543836.1712942669&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-836073641

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3fa63f9a558f1666fc72c1c0cf203632f865b96e556557449978e7f60ede24fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 133ms
132ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12123386

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

79a82f797c18beaaed92c165374c8ef991083d6e2efb386f0732378769949b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73039
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 17:24:29 GMT

POST
H2 200 delivery Show response
paloaltonetworks.tt.omtrdc.net/rest/v1/ 379 B
402 B 143ms
142ms XHR
application/json 66.235.152.221
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://paloaltonetworks.tt.omtrdc.net/rest/v1/delivery?client=paloaltonetworks&sessionId=a8202364c226478aac30088392b023c0&version=2.10.3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

ff7e73495d2e8f7f4430a24209857c0350b677f14c3c0121dc2f8e0f9b9f8453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 3ee744f8-0994-4c41-83f1-e6cab8bef0b3

GET
H2 200 211019041.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 138ms
138ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211019041.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

633b5dad58169476f5ba213320dec29ef99c360a52d43df8bdadda422a48ba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 12 Apr 2024 17:24:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46152694DD2B45E0B0111BE296ED92BD Ref B: TLV30EDGE0121 Ref C: 2024-04-12T17:24:29Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 138ms
137ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211019041&tm=al001&Ver=2&mid=c7ac7a66-0191-43a7-9afd-86aecb8a021b&sid=84ca9180f8f111eebb21758b2c849a04&vid=84cab3f0f8f111ee967c53172d1ee5a9&vids=1&msclkid=N&pi=918639831&lg=he-IL&sw=1600&sh=1200&sc=24&tl=Threat%20Brief%3A%20Operation%20MidnightEclipse,%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&p=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&r=&lt=3461&pt=1712942663300,,,,,1827,1827,1827,1827,1827,,1828,1977,2025,1989,3460,3460,3461,,,&pn=0,0&evt=pageLoad&sv=1&rn=484828

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Apr 2024 17:24:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FAC80171D594602A8C01DFB6E7E9A05 Ref B: TLV30EDGE0121 Ref C: 2024-04-12T17:24:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Unit42-blog-2by1-characters-r4d1-2020_Vulnerability-green.png
unit42.paloaltonetworks.com/wp-content/uploads/2024/03/ 136 KB
136 KB 158ms
156ms Image
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unit42.paloaltonetworks.com/wp-content/uploads/2024/03/Unit42-blog-2by1-characters-r4d1-2020_Vulnerability-green.png

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

44ad8f1e161fcd6ac2dd12fd4fb3195d4225e8e6fd6f732092a83e5849f4d28f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com .paloaltonetworks.com paloaltonetworks.jp .paloaltonetworks.jp unit42.com *.unit42.com ;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=15811200
Content-Security-Policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.jp *.paloaltonetworks.jp unit42.com *.unit42.com ;, object-src 'none'
X-Content-Type-Options: nosniff
Date: Fri, 12 Apr 2024 17:24:29 GMT
Last-Modified: Sun, 31 Mar 2024 01:18:31 GMT
Server: Apache
ETag: "21ef3-614eaa6b400de"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=42497
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138995

GET
H/1.1 200
OK Unit42-blog-2by1-characters-r4d1-2020_Cyber-squatting-v3.png
unit42.paloaltonetworks.com/wp-content/uploads/2024/04/ 31 KB
31 KB 162ms
161ms Image
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unit42.paloaltonetworks.com/wp-content/uploads/2024/04/Unit42-blog-2by1-characters-r4d1-2020_Cyber-squatting-v3.png

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-151-6.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f49dc6b21882d7b0f6f8bee96b020068ae7dcf9c15744767a9d9f4955e78be8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com .paloaltonetworks.com paloaltonetworks.jp .paloaltonetworks.jp unit42.com *.unit42.com ;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=15811200
Content-Security-Policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.jp *.paloaltonetworks.jp unit42.com *.unit42.com ;, object-src 'none'
X-Content-Type-Options: nosniff
Date: Fri, 12 Apr 2024 17:24:29 GMT
Last-Modified: Sat, 06 Apr 2024 16:44:57 GMT
Server: Apache
ETag: "7b34-615704ae6dbb7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=42557
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31540

GET
H2 200 video-play-black.svg
www.paloaltonetworks.com/etc/clientlibs/clean/imgs/ 237 B
507 B 139ms
138ms Image
image/svg+xml 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/video-play-black.svg

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2067dafdf98d33eace39dcadf5e75aa8b39309acc3f163bd2de74b69b8fdc962

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none'
content-encoding: br
strict-transport-security: max-age=15811200
last-modified: Fri, 29 Mar 2024 08:21:12 GMT
server: Akamai Resource Optimizer
date: Fri, 12 Apr 2024 17:24:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=259200
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712942669710_34831290_99916010_171_14707_54_0_146";dur=1
accept-ranges: bytes
content-length: 147
expires: Mon, 15 Apr 2024 17:24:29 GMT

GET
H2 200 Decimal-Bold-Pro_Web.woff2
www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/ 50 KB
51 KB 137ms
137ms Font
application/octet-stream 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/decimal/Decimal-Bold-Pro_Web.woff2

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1e972a7f6e90a683c20bf8bafedc981e3b551156835c5b70d91c913c1da8434a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15811200
content-security-policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
date: Fri, 12 Apr 2024 17:24:29 GMT
last-modified: Fri, 05 Apr 2024 10:11:39 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712942669733_34831290_99916024_160_10415_58_0_255";dur=1
accept-ranges: bytes
content-length: 51303
expires: Fri, 19 Apr 2024 17:24:29 GMT

GET
H2 200 merriweather-v21-latin-regular.woff2
www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/merriweather/ 19 KB
19 KB 131ms
130ms Font
application/octet-stream 23.197.4.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/etc/clientlibs/clean/dependencies/fonts/merriweather/merriweather-v21-latin-regular.woff2

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.197.4.130 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-4-130.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
Strict-Transport-Security	max-age=15811200
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15811200
content-security-policy: frame-ancestors 'self' paloaltonetworks.com *.paloaltonetworks.com paloaltonetworks.hub.nexuscenter.io;, object-src 'none'
date: Fri, 12 Apr 2024 17:24:29 GMT
last-modified: Fri, 05 Apr 2024 10:02:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712942669733_34831290_99916025_36_10279_58_0_255";dur=1
accept-ranges: bytes
content-length: 19300
expires: Fri, 19 Apr 2024 17:24:29 GMT

GET
H3

200

ga-audiences
www.google.co.il/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=494251326&utmhn=unit42.paloaltonetworks.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=he-il&utmje=0&utmfl=-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326
https://www.google.co.il/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326&slf_rd=1&random=2955507729

42 B
63 B

145ms
145ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326&slf_rd=1&random=2955507729

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.il/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-494959-2&cid=1688756973.1712942669&jid=412290351&_v=5.7.2&z=494251326&slf_rd=1&random=2955507729
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1117%26time%3D1712942669677%26li_adsId%3D6cacb6bb-93ee-4d79-b310-e3d353de73fe%26u...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest...

0
163 B

212ms
212ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest=true&liSync=true
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E6B514295A1249DFA5B4E1AE64BAE137 Ref B: TLV30EDGE0306 Ref C: 2024-04-12T17:24:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYV6Ytmup/DDBrUGZgKsg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 17:24:30 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYV6YtjLDeSvJ21CSLQOw==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 62F5D08E18224D65ABC4A79DD9D688FC Ref B: TLV30EDGE0306 Ref C: 2024-04-12T17:24:30Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1117&time=1712942669677&li_adsId=6cacb6bb-93ee-4d79-b310-e3d353de73fe&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;u...
12123386.fls.doubleclick.net/ Frame 053C
Redirect Chain

https://12123386.fls.doubleclick.net/activityi;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2...
https://12123386.fls.doubleclick.net/activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.palo...

0
0

160ms
159ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12123386.fls.doubleclick.net/activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12123386

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 17:24:30 GMT
expires: Fri, 12 Apr 2024 17:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 17:24:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12123386.fls.doubleclick.net/activityi;dc_pre=CK-4-9qYvYUDFZX0OwIdvOgIHQ;src=12123386;type=allpa0;cat=globa0;ord=7514214670189;npa=0;auiddc=583543836.1712942669;u1=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e78feef73ff94c88.min.js Show response
tag.demandbase.com/ 77 KB
22 KB 158ms
139ms Script
application/javascript 18.245.46.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/e78feef73ff94c88.min.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-89.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

063ec37c577626759abb6b5a3c13e9b4e9ee70c6927ec4f6b34637786c536dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jPI_SEQgONR_9iJRGSVndKCJ_iZAau8Q
content-encoding: gzip
via: 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
date: Fri, 12 Apr 2024 16:43:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 2445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 29 Mar 2024 22:48:39 GMT
server: AmazonS3
etag: W/"a2ba888d0337a22dee6665e289f6bf1b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: F_iOK0YoCURVOwla61Z_HN9a3jAMZggWNtEIzmoR-Hkr3tngF_sNbQ==

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 401ms
122ms Script
application/javascript 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 16:48:31 GMT
content-encoding: gzip
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 2160
x-amz-server-side-encryption: AES256
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: JT6iRhBBJQlYhQLYC5-8USIDIs29vgZAbV7a8JMApFXZ_eqseBRVwQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 374ms
125ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Apr 2024 17:24:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=12, mss=1380, tbw=2765, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: /nxfcmlcHZ4Qm82QmGHblKiU+Fj/d/6Kg0H99Wu+09aw4TGveFWkqWshAq8LCFktUtZKtiZ1GjxUDkNM4PfVLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 294ms
160ms Script
text/javascript 104.18.36.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.196 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 40180
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8734e906caa8e3e7-TLV
expires: Fri, 12 Apr 2024 17:44:29 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
118 B 296ms
295ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=71ef4e61-8ccd-4f2e-8b99-be3dc31ed9b8&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40807aa2-26bf-4d72-9ee7-642780ffb3ed&tw_document_href=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&tw_iframe_status=0&txn_id=nvh9f&type=javascript&version=2.3.30

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 173
date: Fri, 12 Apr 2024 17:24:29 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a98f9b601ff9bbc8
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 696f91257de5ac8febb3f3f29756dbdf44e887c3963dc15ff03ef940da58085a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
426 B 318ms
316ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=71ef4e61-8ccd-4f2e-8b99-be3dc31ed9b8&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40807aa2-26bf-4d72-9ee7-642780ffb3ed&tw_document_href=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&tw_iframe_status=0&txn_id=nvh9f&type=javascript&version=2.3.30

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 185
date: Fri, 12 Apr 2024 17:24:28 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d9c557c36b303f6d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: c36a7e6a16469b514d8332547ddc88c298dcaa9a2723f3b9d4c6aca18ef56e20
content-length: 43

GET
H2 200 RCced539bfc42a4483b505ca9eb4a11693-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 924 B
742 B 123ms
122ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCced539bfc42a4483b505ca9eb4a11693-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6c9e227829b7521e9cbcc4817d978bd8d69d0eb19dde9b3b9fe7f798614217c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 478
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RCf7caa0653f2e4dad8230aa618eb63891-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 786 B
729 B 123ms
123ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCf7caa0653f2e4dad8230aa618eb63891-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9e44e02657bfb367983e7ecedb3f701dd96798151f712506c4cd5027b9646341

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 465
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RC41352cb856824ce28244bb1b4777d220-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 872 B
774 B 123ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC41352cb856824ce28244bb1b4777d220-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6593748a2bf54b29a651498c996823b8d4f6ad9021fcf14678cb38afcc247c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 511
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 RCb7f90ed4e560455faf4912cffe14ac18-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 652 B
664 B 123ms
121ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCb7f90ed4e560455faf4912cffe14ac18-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a150cf580eae66fdf504d6ac0ab85bb72a811fdd3f6bcd09b67d869d5827729e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 401
expires: Fri, 12 Apr 2024 18:24:29 GMT

GET
H2 200 211019041 Show response
www.clarity.ms/tag/uet/ 846 B
1 KB 568ms
370ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/211019041
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/211019041.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4006e5423105d0b2dba863c8816ae5b4241e6433127a0e4157796787e559d5eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 12 Apr 2024 17:24:30 GMT
x-azure-ref: 20240412T172429Z-1659cf84c9fzjmbxgf4b48xcyg00000002hg0000000016t6
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 846
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 225ms
225ms Script
application/x-javascript 104.102.141.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.141.31 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-141-31.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 21 Jul 2024 17:24:29 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/836073641/ 42 B
64 B 130ms
129ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/836073641/?random=1712942669331&cv=11&fst=1712941200000&bg=ffffff&guid=ON&async=1&gtm=45be44a0v873032592za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&frm=0&tiba=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqIKHqrycgWkCaKxKnaaGIEEQ7rfhdvg&random=4058068954&rmt_tld=0&ipr=y

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.il/pagead/1p-user-list/836073641/ 42 B
154 B 132ms
131ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/pagead/1p-user-list/836073641/?random=1712942669331&cv=11&fst=1712941200000&bg=ffffff&guid=ON&async=1&gtm=45be44a0v873032592za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&frm=0&tiba=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqIKHqrycgWkCaKxKnaaGIEEQ7rfhdvg&random=4058068954&rmt_tld=1&ipr=y

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 358ms
115ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 04:57:49 GMT
Content-Encoding: gzip
Via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 44802
x-amz-server-side-encryption: AES256
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Ls9WAFmu37Zakh1LEF4sT-b-3CQbGHC3waOJbB11jBhuuHM5_m7vpg==

GET
H2 200 sync
s.company-target.com/s/ Frame 7433 0
0 344ms
197ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Fri, 12 Apr 2024 17:24:30 GMT
via: 1.1 google

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
1 KB 166ms
165ms XHR
application/json 18.66.102.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&page_title=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 204103aae0ac5c701f9a4a9312611ca15569d2efa03b68dd1f5ea19618f9b78e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Apr 2024 17:24:29 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 4edbaa0f-f19a-4efb-a1f7-194608cf0579
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h_ZLuy7m423a1UJ_MHnS7HgLkyY09QjaqGvnAJenQ8Zqq_FiSKKzOA==
expires: Thu, 11 Apr 2024 17:24:29 GMT

POST
H/1.1 200
OK visitWebPage
531-ocs-018.mktoresp.com/webevents/ 2 B
318 B 1024ms
194ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://531-ocs-018.mktoresp.com/webevents/visitWebPage?_mchNc=1712942669972&_mchCn=&_mchId=531-OCS-018&_mchTk=_mch-paloaltonetworks.com-1712942669972-51615&_mchHo=unit42.paloaltonetworks.com&_mchPo=&_mchRu=%2Fcve-2024-3400%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=9A531C8B532965080A490D4D%40AdobeOrg%3A6%3A74651174017486232630115124683999594441&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:30 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 94d9eee8-b99c-48a5-82b1-3094039d11db

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
440 B 216ms
216ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1266478&r=1712942670011&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 1266478
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPr8UYA3NtIaQe0PzMlMWh6qa6PL_zRhBHGPLX4pQB7yFCseyu9e2b0dwHSpQUsGuAf1iVs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Fri, 12 Apr 2024 18:24:30 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 342ms
206ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1266478&r=1712942670011&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://unit42.paloaltonetworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Apr 2024 17:24:30 GMT
expires: Fri, 12 Apr 2024 17:24:30 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPqYqFX8U_6qBSGeWCZ_HW2Tqeo9Mdj7p-M4gwukzxziCKXpXQE0DlTJe77KHZUNUQqIX_Q

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
417 B 498ms
250ms XHR
text/html 143.204.98.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=h_ZLuy7m423a1UJ_MHnS7HgLkyY09QjaqGvnAJenQ8Zqq_FiSKKzOA==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-127.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Fri, 12 Apr 2024 02:31:54 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53557
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: hRu5AIDGm11ZYfqCNAAY9uMUrALh5LcyklgKXwnbizMW6R97MeuWSg==

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 528ms
263ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&s=109287

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b83f5900d4f38ac3a78809b3448fb9b18b86493a2df5693c16b0cab07122c59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://unit42.paloaltonetworks.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78iI5LQWYIra2Oh91L%2FXRXT4e1gELlw6OpCUZHiDCPUesqmVT%2FohgXZqg2oL8BwM5l%2BQM5YcphQIR1g958ywXKV1waT3UfGoXTsYNENHhUWOZ8VWFH6JexJ%2F%2BESzXvJqssc21KDWjTmeNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 8734e90a5bd5524a-MXP
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H3 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 207ms
76ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: M04HPBTPY5GDBBF5
age: 1295444
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 8734e909c9efe3db-TLV
expires: Fri, 12 Apr 2024 21:24:30 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 33 KB
11 KB 273ms
70ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?123
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 16:35:09 GMT
via: 1.1 google
content-encoding: br
age: 2961
x-guploader-uploadid: ABPtcPrFci8qHEIIQn01VD3vZuWSdVYTf-vWMTd-HdWT25VncxSOLzyawV_66Hfa6FLLh_2B_FeRRJN33Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10617
last-modified: Tue, 19 Mar 2024 18:01:29 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710871289439515
x-goog-hash: crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type: application/javascript
cache-id: TLV-6dab4cda
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34224
accept-ranges: bytes

GET
H2 200 292776655893647 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 185ms
183ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292776655893647?v=2.9.153&r=stable&domain=unit42.paloaltonetworks.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

806ee0e64518a7cab77fec782698b2108a0b7eb0b32537137e5a7946625236bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Apr 2024 17:24:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=61, mss=1380, tbw=63153, tp=-1, tpl=-1, uplat=58, ullat=0
pragma: public
x-fb-debug: k34uin0wZ7oG7pDieKfQq9FTeDtAZlVZDbmtii3YKsk30LfFfCA7WPXUyYg1ivFEOttmz3AuOOiGmaq8NDy5Qg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 86ms
86ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211019041
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240412T172430Z-1659cf84c9fzjmbxgf4b48xcyg00000002hg0000000016tf
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c7785de8-201e-0051-5575-8bb357000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 362ms
119ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292776655893647&ev=PageView&dl=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&rl=&if=false&ts=1712942670474&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4125&fbp=fb.1.1712942670473.2031054814&ler=empty&cdl=API_unavailable&it=1712942670253&coo=false&rqm=GET

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1380, tbw=2757, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Apr 2024 17:24:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/7cd4236b015048858d5e467aedf4699e/ 43 B
421 B 782ms
194ms Image
image/gif 52.21.250.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/7cd4236b015048858d5e467aedf4699e/pixel?j=1&u=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&tag=ViewContent&ts=1712942670478

Requested by

Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.250.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-250-58.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,a9cc94200420c85717c1dacc72ffc82a,10.0.0.99,29424,31.187.78.133,,227766016511,1,1712942671.172,0.002,,.,0,0,0.000,0.004,-,0,0,203,110,55,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 133ms
132ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50023&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&pv=1712942670496_rwf12qdt8&bl=he-il&cb=4083707&return=&ht=&d=&dc=&si=1712942670496_rwf12qdt8&cid=&s=1600x1200&rp=&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:30 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
307 B 643ms
210ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://unit42.paloaltonetworks.com
Date: Fri, 12 Apr 2024 17:24:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
BLOB 200
OK fa08ba9b-0a2a-4fd4-9aee-e853a9ff215a
https://unit42.paloaltonetworks.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://unit42.paloaltonetworks.com/fa08ba9b-0a2a-4fd4-9aee-e853a9ff215a
Requested by: Host: unit42.paloaltonetworks.com
URL: https://unit42.paloaltonetworks.com/cve-2024-3400/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
307 B 1010ms
466ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://unit42.paloaltonetworks.com
Date: Fri, 12 Apr 2024 17:24:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 3982 287 KB
93 KB 365ms
138ms Script
application/javascript 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://unit42.paloaltonetworks.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:33:34 GMT
content-encoding: gzip
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 6735057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
etag: W/"ba41e1e15fa64ba31fd66b66e19eb16f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: dUDg6kqiqwfiGJqETCXzyhM57vLBGIyvCJ7lkAl6ZG9rV9IAba257g==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
203 B 218ms
218ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://unit42.paloaltonetworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 031D2E64A99D45FAA85D1FC522D26674 Ref B: TLV30EDGE0306 Ref C: 2024-04-12T17:24:30Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://unit42.paloaltonetworks.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYV6YtqFtTFaqSi7i3AKQ==

GET
H2 200 RC0ea03951ce934dc58e3830f121e9be1a-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 596 B
528 B 120ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RC0ea03951ce934dc58e3830f121e9be1a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 046a4e8f010401fd9cdf21990e0f4ec29f0ad66806d1ab41226d10ebfa6561e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:31 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 264
expires: Fri, 12 Apr 2024 18:24:31 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&RedC=c.clarity.ms&MXFR=33F4157A1C6A68642A390125186A6617
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&MUID=09EE6B8F42F46749104D7FD0438966CC

42 B
442 B

140ms
139ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&MUID=09EE6B8F42F46749104D7FD0438966CC
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:31 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EBB249F3171C4C14A0A5297E90152F65 Ref B: TLV30EDGE0121 Ref C: 2024-04-12T17:24:31Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE2EE2F3897A41BE98F57BA32915F88C&MUID=09EE6B8F42F46749104D7FD0438966CC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 119ms
119ms Image
image/png 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:19:45 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 6735887
etag: "35ce74c31e3ef54462a234340af702d7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: I6xbVGXSdK99LkdxgYFU8MfmyDFQinq7TestZD_b64pXZbwW5uHLgA==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
647 B 120ms
120ms Image
image/png 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 06 Feb 2024 20:40:33 GMT
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 5690638
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 277
x-amz-cf-id: -uPMTldG8Ox3IjMaIl8G-DuW5s1J2ACe6Csn8tekAr3gEfYJEbulVw==

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 9C3C
Redirect Chain

https://insight.adsrvr.org/track/up?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0

0
0

136ms
130ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://unit42.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 12 Apr 2024 17:24:31 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 321
date: Fri, 12 Apr 2024 17:24:31 GMT
location: https://match.adsrvr.org/track/upb/?adv=4vc17dm&ref=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&upid=jnrvx4g&upv=1.1.0
server: Kestrel

GET
H/1.1 200
OK icon-Unit42-32x32.png
unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/favicon/ 780 B
1017 B 159ms
157ms Other
image/png 92.123.151.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://unit42.paloaltonetworks.com/wp-content/themes/unit42-v5/favicon/icon-Unit42-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.151.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-151-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a4a89f730bfebb50c71064238ac11eb20fbb6233c7a814822e926e3b3df57fc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/cve-2024-3400/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 17:24:31 GMT
Last-Modified: Fri, 16 Feb 2024 13:57:52 GMT
Server: Apache
ETag: "30c-6118021470046"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 780

GET
H2 200 RCd2ee24619cff4fd8804c7f7e33fba95b-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/ 1 KB
900 B 121ms
120ms Script
application/x-javascript 23.211.8.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/4717e3d4af71/RCd2ee24619cff4fd8804c7f7e33fba95b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.45 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed8cf026c5ba15839e482152ef830232ebd12a4558e97e4c5e3b0865d6e54434

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:31 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 11:14:02 GMT
server: AkamaiNetStorage
etag: "c2ef9b3026936de2c2617309791fd407:1712834042.828266"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 636
expires: Fri, 12 Apr 2024 18:24:31 GMT

POST
H2 200 s5252761526731
sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/ 43 B
318 B 122ms
120ms Ping
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/s5252761526731?AQB=1&ndh=1&pf=1&t=12%2F3%2F2024%2020%3A24%3A31%205%20-180&cid.&ecid_id.&id=74651174017486232630115124683999594441&as=1&.ecid_id&.cid&mid=74651174017486232630115124683999594441&aamlh=6&ce=UTF-8&pageName=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&g=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&cc=USD&ch=unit42&server=unit42.paloaltonetworks.com&events=event150%2Cevent154&c1=10%3A24%20AM%7CFriday&v1=10%3A24%20AM%7CFriday&c2=First%20Visit&v2=First%20Visit&c4=1&v4=1&c5=New&v5=New&c6=threat%20brief%3A%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&v6=threat%20brief%3A%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&c7=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&v7=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&c14=Launch%3AAll%20Websites2.25.0%7C2021-01-02&c17=41&c26=Unit%2042&c27=command%20injection%2Ccve-2024-3400%2Cmidnighteclipse%2Cpython&c43=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&c44=en_us&v44=en_us&c45=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&c47=VisitorAPI%20Present&v48=125367654%3AGlilot%20Capital%20Partners%3AFinancial%20Services%3AInvestment%20Services%3ASmall%3AUnknown%3ASMB%3AISP%20Visitor&v49=Glilot%20Capital%20Partners%3A6371%3A12%3AISP%20Visitor%3A%2B972%2073-705-5750%3Atrue%3Atrue%3Afalse&c50=u42-tile%3Arec%3Atoggle%3Acollapse&v50=ISP%20Visitor%3AHerzliya%3ATA%3AISP%20Visitor%3AIL%3AIsrael%3AISP%20Visitor%3AISP%20Visitor&v51=TEFINCOM%20S.A.%3ATel%20Aviv%3ATA%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AIsrael%3AIL&v52=ISP%20Visitor%3A32.08%3A34.78%3Afalse%3A524292%3ALow%3ADetailed%3AISP%20Visitor&v53=glilotcapital.com%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor&v58=41&c62=false%7C%2CC0001%2CC0002%2CC0003%2CC0004%2C&v62=unit42&v63=unit42.paloaltonetworks.com&v66=74651174017486232630115124683999594441&c74=AN%3A%20New%20Page%20Element%20Link%20Tracking&c75=PANW%3A%20Core%20WWW%20Websites&v75=eb6ea16a236e32e9f03e3f2db10a6e93&v97=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&v117=Direct&v118=Direct&v135=u42-tile%3Arec%3Atoggle%3Acollapse&v136=u42-tile%3Arec%3Atoggle%3Acollapse&v140=no-machine-id&v165=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&v220=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&v248=1600x1200&pe=lnk_o&pev2=Link%20Click%3A%20rec%3Atoggle%3Acollapse&c.&a.&activitymap.&page=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&link=Recommended%20For%20You%20%3C&region=BODY&pageIDType=1&.activitymap&.a&.c&pid=unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400&pidt=1&oid=Recommended%20For%20You%0A%3C&oidt=3&ot=SUBMIT&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9A531C8B532965080A490D4D%40AdobeOrg&lrt=147&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:24:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 13 Apr 2024 17:24:31 GMT
server: jag
etag: 3678516378028507136-4618676172244892042
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 11 Apr 2024 17:24:31 GMT

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 119ms
118ms Stylesheet
text/css 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:19:49 GMT
content-encoding: gzip
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 6735883
etag: W/"7144eaceff0b31347712515a6116074e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: kHklas5y5KWXz1Z727CDGzLk7nabJm6tS3oF7Jxp2nsqVU2LM0kB0g==

GET
BLOB 200
OK 9e2269b3-1fa7-4434-ad18-88a0379dc749
https://unit42.paloaltonetworks.com/ Frame 3982 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://unit42.paloaltonetworks.com/9e2269b3-1fa7-4434-ad18-88a0379dc749
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 0
Content-Type

GET
BLOB 200
OK 49854d9a-2b56-4b01-a1f7-8131d10c77bd
https://unit42.paloaltonetworks.com/ Frame 3982 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://unit42.paloaltonetworks.com/49854d9a-2b56-4b01-a1f7-8131d10c77bd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 31224
Content-Type

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
307 B 215ms
213ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://unit42.paloaltonetworks.com
Date: Fri, 12 Apr 2024 17:24:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 121ms
119ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KS2MELEEFC&gtm=45je44a0v880354802za200&_p=1712942668173&gcd=13l3l3l3l1&npa=0&dma=0&tt=&cid=1688756973.1712942669&ul=he-il&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&uid=&dl=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&sid=1712942669&sct=1&seg=0&dt=Threat%20Brief%3A%20Operation%20MidnightEclipse%2C%20Post-Exploitation%20Activity%20Related%20to%20CVE-2024-3400&_s=2&tfd=11772
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://unit42.paloaltonetworks.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 17:24:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://unit42.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
n.clarity.ms/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: n.clarity.ms
URL: https://n.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-21 00:08:14	Name: demdex Value: 80372163567881603990687221440552751065
unit42.paloaltonetworks.com/	1970-01-20 19:50:29	Name: pvc_visits[0] Value: 1713029067b133365
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: AMCVS_9A531C8B532965080A490D4D%40AdobeOrg Value: 1
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: s_ecid Value: MCMID%7C74651174017486232630115124683999594441
.paloaltonetworks.com/	1970-01-21 04:34:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Apr+12+2024+20%3A24%3A28+GMT%2B0300+(%D7%A9%D7%A2%D7%95%D7%9F+%D7%99%D7%A9%D7%A8%D7%90%D7%9C+(%D7%A7%D7%99%D7%A5))&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=cd671508-429f-49f2-b5b3-0ec519bc54cc&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: AMCV_9A531C8B532965080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19826%7CMCMID%7C74651174017486232630115124683999594441%7CMCAAMLH-1713547468%7C6%7CMCAAMB-1713547468%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1712949868s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-1924009256%7CvVersion%7C5.5.0
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: dmdbase_cdc Value: DBSET
unit42.paloaltonetworks.com/	1969-12-31 23:59:59	Name: __anaEvent23Sent Value: true
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: at_check Value: true
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: _ga Value: GA1.1.1688756973.1712942669
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: s_lv_s Value: First%20Visit
.paloaltonetworks.com/	1970-01-20 20:15:10	Name: s_vnum Value: 1714510800215%26vn%3D1
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: s_invisit Value: true
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_plt Value: unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: gpv_v9 Value: unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: s_ppn Value: unit42%3Athreat%20brief%26colon%3B%20operation%20midnighteclipse%2C%20post-exploitation%20activity%20related%20to%20cve-2024-3400
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.paloaltonetworks.com/	1970-01-20 21:58:38	Name: _gcl_au Value: 1.1.583543836.1712942669
.paloaltonetworks.com/	1970-01-20 19:50:29	Name: _uetsid Value: 84ca9180f8f111eebb21758b2c849a04
.paloaltonetworks.com/	1970-01-21 05:10:38	Name: _uetvid Value: 84cab3f0f8f111ee967c53172d1ee5a9
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: mbox Value: session#a8202364c226478aac30088392b023c0#1712944530\|PC#a8202364c226478aac30088392b023c0.37_0#1776187470
.bing.com/	1970-01-21 05:10:38	Name: MUID Value: 09EE6B8F42F46749104D7FD0438966CC
.t.co/	1970-01-21 05:25:02	Name: muc_ads Value: 228f4726-fee4-48de-aacf-562380a6e70e
.twitter.com/	1970-01-21 05:25:02	Name: personalization_id Value: "v1_yV+Y0Xui5b9oe7QnOZpogQ=="
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: __utma Value: 85376408.1688756973.1712942669.1712942670.1712942670.1
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: __utmc Value: 85376408
.paloaltonetworks.com/	1970-01-21 00:11:50	Name: __utmz Value: 85376408.1712942670.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.paloaltonetworks.com/	1970-01-20 19:49:03	Name: __utmt Value: 1
.paloaltonetworks.com/	1970-01-20 19:49:04	Name: __utmb Value: 85376408.1.10.1712942670
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: _mkto_trk Value: id:531-OCS-018&token:_mch-paloaltonetworks.com-1712942669972-51615
.techtarget.com/	1970-01-20 19:49:04	Name: __cf_bm Value: X934B8qdN_xKIh86lO83s1UFawYNvERx7bU727ghYpA-1712942669-1.0.1.1-cseeDDZItAfqdOmdm3iKiMatfGmaaP2g0S8m.BlCRVj31TXmGCcWeTTQ0MvMYLVaObW2RbFXfO7544NDKb737Q
.twitter.com/	1970-01-21 05:25:02	Name: guest_id_marketing Value: v1%3A171294266983838852
.twitter.com/	1970-01-21 05:25:02	Name: guest_id_ads Value: v1%3A171294266983838852
.twitter.com/	1970-01-21 05:25:02	Name: guest_id Value: v1%3A171294266983838852
.linkedin.com/	1970-01-20 21:58:38	Name: li_sugr Value: 5059b730-88e7-4a6d-a1d6-78fd5b3043bd
.linkedin.com/	1970-01-21 04:34:38	Name: bcookie Value: "v=2&9e85991b-81ad-4182-8908-b913006f218a"
.linkedin.com/	1970-01-20 19:50:29	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3159:u=1:x=1:i=1712942669:t=1713029069:v=2:sig=AQHPJitKsZRGRewU-463dghmKDoaSXjE"
.company-target.com/	1970-01-21 05:25:02	Name: tuuid Value: ee5a849b-065b-4c5d-a1fb-06d7613833b5
.company-target.com/	1970-01-21 05:25:02	Name: tuuid_lu Value: 1712942670\|ix:0\|mctv:0\|rp:0
.linkedin.com/	1970-01-20 20:32:14	Name: UserMatchHistory Value: AQJVnjRgJRZdYAAAAY7TVuFEHvJE8Uhgxy-Bgjnl-E28qgyKAhli8QKU_Ug7e9Ifvd3dlK_hDoxAjw
.linkedin.com/	1970-01-20 20:32:14	Name: AnalyticsSyncHistory Value: AQJWe-AfwFSIXwAAAY7TVuFEoqX43OybmcahoKGERHyVYfHMTm-sYRaS7M0qrpJ_VbW3PWjQnDGXYxUx7rGhhw
www.clarity.ms/	1970-01-21 04:34:38	Name: CLID Value: 4750180feb414c6d99d01bcd53cf8c7a.20240412.20250412
.doubleclick.net/	1970-01-21 05:25:02	Name: IDE Value: AHWqTUlkVrmjVS3SuwGpOpALwZzORABc5xD-P9P4iQyu_KIV4jVhHtwsOFbId823NdU
.doubleclick.net/	1970-01-21 00:08:14	Name: receive-cookie-deprecation Value: 1
.paloaltonetworks.com/	1970-01-21 04:34:38	Name: _clck Value: ayedf%7C2%7Cfkv%7C0%7C1563
.paloaltonetworks.com/	1970-01-20 21:58:38	Name: _fbp Value: fb.1.1712942670473.2031054814
.www.linkedin.com/	1970-01-21 04:34:38	Name: bscookie Value: "v=1&20240412172430bb07ecdf-ac74-46df-8ca6-6fa93c186f33AQEfPtMT6GwXIhD8L4qNOoVTJUIgXcMe"
.casalemedia.com/	1970-01-21 04:34:38	Name: CMID Value: ZhluTosFVgUAABvXAMZcXgAA
.casalemedia.com/	1970-01-20 21:58:38	Name: CMPS Value: 4925
.casalemedia.com/	1970-01-20 21:58:38	Name: CMPRO Value: 4925
.rubiconproject.com/	1970-01-21 04:34:38	Name: khaos Value: LUWXU7P5-R-4DH0
.rubiconproject.com/	1970-01-20 21:58:38	Name: receive-cookie-deprecation Value: 1
.tremorhub.com/	1970-01-21 04:34:59	Name: tvid Value: 880cbd4741964c1cbba09737780ca8a0
.tremorhub.com/	1970-01-21 05:25:02	Name: tv_UIDM Value: ee5a849b-065b-4c5d-a1fb-06d7613833b5
.paloaltonetworks.com/	1970-01-20 19:50:29	Name: _clsk Value: 12p97ul%7C1712942671160%7C1%7C1%7Cn.clarity.ms%2Fcollect
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_ppvl Value: unit42%253Athreat%2520brief%2526colon%253B%2520operation%2520midnighteclipse%252C%2520post-exploitation%2520activity%2520related%2520to%2520cve-2024-3400%2C13%2C13%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_ppv Value: unit42%253Athreat%2520brief%2526colon%253B%2520operation%2520midnighteclipse%252C%2520post-exploitation%2520activity%2520related%2520to%2520cve-2024-3400%2C12%2C12%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: _lo_uid Value: 109287-1712942670544-7e82ef6b4278d2fa
.paloaltonetworks.com/	1970-01-20 19:49:03	Name: _lorid Value: 109287-1712942670544-33dde01e6efc4a3e
.paloaltonetworks.com/	1970-01-21 04:34:38	Name: _lo_v Value: 1
.paloaltonetworks.com/	1970-01-21 00:08:14	Name: __lotl Value: https%3A%2F%2Funit42.paloaltonetworks.com%2Fcve-2024-3400%2F
.adsrvr.org/	1970-01-21 04:34:38	Name: TDID Value: 6b8803c3-ec36-4e45-8763-45cca687b477
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: s_lv Value: 1712942671800
.paloaltonetworks.com/	1970-01-20 20:32:14	Name: s_nr Value: 1712942671802-New
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D
.paloaltonetworks.com/	1970-01-21 05:25:02	Name: _ga_KS2MELEEFC Value: GS1.1.1712942669.1.0.1712942671.58.0.0
.c.bing.com/	1970-01-20 19:59:07	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:10:38	Name: SRM_B Value: 09EE6B8F42F46749104D7FD0438966CC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:10:38	Name: MUID Value: 09EE6B8F42F46749104D7FD0438966CC
.c.clarity.ms/	1970-01-20 19:59:07	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:49:03	Name: ANONCHK Value: 0
.rubiconproject.com/	1970-01-21 04:34:38	Name: audit Value: 1\|DlixgiDlTXK5cVWi2DhAmN5qQUdRBpUUiMuQtRrL//mUHKCefwHvs8KRELxBRWDYzTEIWK4PjV1w0S94mtzOHwmugVMwSc1VtkwrZjsGP5OGxkFeE6vbHxdkBxdebb/5D+4fBAIbPrQtInZM2+DSBoSo/CV2hfoU0r1UU9Ix4w1JSUn9Ni8QcA==
.adnxs.com/	1970-01-21 05:25:02	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 04:34:38	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwjampWs7sftPBAFEhUKBmdvb2dsZRILCJDr47Tux-08EAUSFgoHcnViaWNvbhILCPDVlazux-08EAUYBSACKAMyCwik85fZhMjtPBAFQg8iDQgBEgkKBXRpZXIyEAFaBzR2YzE3ZG1gAQ..
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_tps Value: NaN
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_pvs Value: NaN

96 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/292776655893647?v=2.9.153&r=stable&domain=unit42.paloaltonetworks.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://unit42.paloaltonetworks.com/cve-2024-3400/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12123386.fls.doubleclick.net
531-ocs-018.mktoresp.com
a.quora.com
analytics.google.com
analytics.twitter.com
api.company-target.com
assets.adobedtm.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookielaw.org
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
ml314.com
munchkin.marketo.net
n.clarity.ms
paloaltonetworks.tt.omtrdc.net
px.ads.linkedin.com
q.quora.com
s.company-target.com
scripts.demandbase.com
settings.luckyorange.net
snap.licdn.com
ssl.google-analytics.com
sstats.paloaltonetworks.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
trk.techtarget.com
u33254697.ct.sendgrid.net
unit42.paloaltonetworks.com
www.clarity.ms
www.facebook.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paloaltonetworks.com
n.clarity.ms
104.102.141.31
104.18.36.196
104.19.178.52
104.244.42.133
104.244.42.3
108.177.15.154
13.107.246.45
13.107.42.14
142.250.181.226
142.250.181.234
142.250.185.136
142.250.185.227
142.250.186.40
143.204.98.127
146.75.120.157
157.240.0.35
157.240.253.1
162.159.152.17
167.89.118.35
172.217.18.3
172.64.155.119
172.67.75.100
18.172.103.101
18.245.46.89
18.66.102.75
192.28.144.124
2.20.71.71
204.79.197.237
216.239.36.181
216.58.206.68
216.58.212.166
23.197.4.130
23.211.8.45
34.111.208.231
34.117.77.79
34.96.71.22
35.71.131.137
52.184.204.244
52.21.250.58
52.222.232.122
54.228.84.202
63.140.62.27
66.235.152.221
68.219.88.97
92.123.151.6
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
013bba7b7113817ba1ad5219806cae1dcaa05e1a865f875b5abc303b874108fc
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
046a4e8f010401fd9cdf21990e0f4ec29f0ad66806d1ab41226d10ebfa6561e4
063ec37c577626759abb6b5a3c13e9b4e9ee70c6927ec4f6b34637786c536dfd
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0894d66cd47070993e0dd1c832ee05978c6ea4ef1dc452c878fd64a95f1ee787
0a4a89f730bfebb50c71064238ac11eb20fbb6233c7a814822e926e3b3df57fc
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0f99161d83c288e754f5f7af3d0fc0e47e3e2289d5bf6f3df964d33785ec30a9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
18c14e773ddd0002e4da1176390b7cc121c2e753e216e7ce3467bd303ccfd3d9
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1e972a7f6e90a683c20bf8bafedc981e3b551156835c5b70d91c913c1da8434a
204103aae0ac5c701f9a4a9312611ca15569d2efa03b68dd1f5ea19618f9b78e
2067dafdf98d33eace39dcadf5e75aa8b39309acc3f163bd2de74b69b8fdc962
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
253986ae8f8555cea918d960c8674fb8eace0c93bd2f323031b08bb1f3de8d1f
2603910bd5da680dbb063e5772f2f9d722150e08f8a21d65dbd214810ed1e5f7
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fff39fc60bd268cd34d270f80d39a61bd875100c73d7cfb3ac2c93166e8542d
3345e1d5601514a1fa98397e817d7c940715b82c438d16183ebc990b1904c052
351cb79f16546f26c862b782233ada0a5aec6366fb29dadcdb971f699b98bdd3
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
3771d42912a6896d0148299bfae4f5d30491f5b984e06c585eef4b856bf34a15
37c5694161fda223034cd9fe184f6801ce2564b8952482a67bdcb871431492d8
3919066c108df4a52f94cafa0150ebf05597c1d249874566b887d1e9ecc6d825
3fa63f9a558f1666fc72c1c0cf203632f865b96e556557449978e7f60ede24fc
4006e5423105d0b2dba863c8816ae5b4241e6433127a0e4157796787e559d5eb
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
44ad8f1e161fcd6ac2dd12fd4fb3195d4225e8e6fd6f732092a83e5849f4d28f
45b46b7497d7aae8e48cd4972c5d78ddc05e72dd77c9ad30839bec3a5c33a674
48174261359bbd4fc8cd1d353a3ecfd21dff57014432bfff6ec7dad357c94197
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
49b09b2bc843604d649192a9968ecb03324caad58e71bea935df27b0d1e280d9
4b098a83820406ee35112a0086bcbfaf8dfd357c06d5de16e34fd2c1b2c7d58a
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4dbd791d454fa9a2fc189a4dd70e583059c6e24bfd3d7980f016dbcf7498a88d
4e761de8e6a6da96985c89bad27c4b8d8fba994a88125ecdccdb14b3f12eeb56
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5967a0bdc33f6d9cdf4d5cee3616352d2fd8364783b962dbd699524f24a981b9
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5b5d70daf9c93c1ef917e14b6db8626fcc5e5a5d71368caa2616c303789be096
5b9f64af57093c3ea1d2898a2cf985f4bd12933f5367a1cd5c8db3e71b385a05
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab
633b5dad58169476f5ba213320dec29ef99c360a52d43df8bdadda422a48ba96
6421dd8a8110c77dae085c2cbefa53caf58c82307e451fa3ac65718f3b36c232
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68b324a6179651d56917d3b1f3f5d0a1e71b08550b1468790826dde5e22b2b56
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69ebf4a4e8627a9b9ea12a4850e5f3681ee0ba6a6970cc1ae5d35f275eb5cf3a
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
6d455d957f6da8406bc1c9123512f104fa348800a0141fc0e5ada3fa332c0edf
70b62699855b1bd30c696b1797adb66b41dd584e253ed4f8abe0ca4d245ccd4d
71f8892d3e3883e5fdf73032c7ab583e52fad50ce2d684084dbe6ded853c6b67
789094003d7990c9a6943bf5ea8a789ac2701810361a2c84a815ed08e277efdc
79a82f797c18beaaed92c165374c8ef991083d6e2efb386f0732378769949b5c
806ee0e64518a7cab77fec782698b2108a0b7eb0b32537137e5a7946625236bd
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
87b86cadece9b98f6248b8b6ec7187ec2579e69c94c4b9589e8385d0162fbb1e
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8e900bdcaa74e0eb091e739805ab04350357416fbaab54a5ac7d5d6f81bbdb4f
8ec11303a508ae99cfde8da8d8418863f5c44c6e4d9ad85d89b751711810ccbe
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92335224b64f5f098468fe62b305c351fa91bbe7ac8d25b20d82b599b9797d72
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
939a2e63d498e26ea2554a148a2d0f53c49720652f4c602aaca74a600ef314d5
96f5448fff9d445e080e2485513a9e70b7fa141ba295e3c45b2f828ff23ef6bb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0292e0cbc4b30386d1d5c106a5755e1fb924d7569d9a23f9e3e7162996becc
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9b83f5900d4f38ac3a78809b3448fb9b18b86493a2df5693c16b0cab07122c59
9c1d6395615cae4aa62776a2acbe73a24819df1b1773845fa3e99fe828783961
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
9e44e02657bfb367983e7ecedb3f701dd96798151f712506c4cd5027b9646341
a150cf580eae66fdf504d6ac0ab85bb72a811fdd3f6bcd09b67d869d5827729e
a245df6da22f0700461deb2f6f840edce1f07613bab8e44eaa076f97bc40995f
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a563fe17ead20f9da7790f6892a9efe8b5a109a85c4d1ebc9778649496a0a2bb
a6593748a2bf54b29a651498c996823b8d4f6ad9021fcf14678cb38afcc247c0
a6c9e227829b7521e9cbcc4817d978bd8d69d0eb19dde9b3b9fe7f798614217c
a9f5dcaa7482de7a0ceb01f30b7731db2d6c98e2db7d31b58647effefdca45ca
abb2087210446cbaedf71394dcf010dee59f6782fc99b2cbc277ee0a162d5bd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b350cde8333b78d909635b54c3f50fd72d38abcb67cf4ee1a3a212be1d775768
b44d4b521f52cdbd4ccf5783c953f127b92edf92da773c4f355ca2fdba31e8d3
b849ac9311853409dafdd2928bffaa5e78d9a3fbb3739080488b01c2a5788901
ba436e29a2c0cc102db63b1405f3498fa01e28662e5413bbd460c7be1103bf2c
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c223ad34b1e80d587f2f26db6117a8f29e85e00e05b930e50770f97e245084dc
c42e9cd97267318bddd74cc5072be5c3eca2a43947fb7c36d9ded6caabb1fe8c
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c9c183c8efe02b849d685a1a9b5989159335f62e89d0510162efef636d90c84e
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
ce8287c3e0aa69b9b84e99fefcd63c5aa3e5f91d59852efad2a446efb3f07595
cf10b8926160d5ac5e3e6fc235a7499e91f04b0097d37bac51efe1c5ed61d92b
cf1fb343613ce155b53f2d3eb5c0dbcf7336cc5ce325ae585ab6533d9467bffb
cfc33e590cf809e494f4305e2cbb199096b553439a0dea8f0b4832bdf192e8ff
d0031e74e4a3ec284c971fbeb6dc844aa88c9cab66f3caf4d143eef0061fa525
d773a880466112a1e5b64abbbc09e1acc76c800ecd0e6027ac526b98fe960044
d9a8953bf5bdf24a0aeda1180631536ddcb47da94f1e9fa4e866da73c8383de9
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dbf6d8c90fdd2bf4b8ebf961fa4dc6e72176eb900819cd82f5f2f4ce8e64864c
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
df35525390ccc434316ed0514469c12c622dd89e107148f71ab8b5256d06cc9b
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e298f061795a29026418ba494d572c118e15a01eb92eb0e5bb7d989e4a5408ed
e2c997abb38ede2240d957b57a3216882e8416b1f757f26b92128a8875e00e73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e5f0381930f2c032840f3601bcf647ed2b42b8fedd65199864aeaa27f148a0e5
e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f
e883b663a943fd1629f7ff06fe7beb9971d8a720c37416a2d7af18a1a9c7dcff
ed8cf026c5ba15839e482152ef830232ebd12a4558e97e4c5e3b0865d6e54434
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f8297af6690316b315d6e33ec65b3df2a827e3b4364f516f454e5bc03a124c
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
f4424b49e0a0f2e8fde41b393ce2c7afd9dd4b4e0d226e7f75541c37f47a4e59
f49dc6b21882d7b0f6f8bee96b020068ae7dcf9c15744767a9d9f4955e78be8a
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0
ff7e73495d2e8f7f4430a24209857c0350b677f14c3c0121dc2f8e0f9b9f8453

unit42.paloaltonetworks.com Open in urlscan Pro 92.123.151.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

95 %HTTPS

0 %IPv6

33 Domains

49 Subdomains

45 IPs

5 Countries

2705 kBTransfer

6161 kBSize

77 Cookies

76 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

unit42.paloaltonetworks.com Open in urlscan Pro
92.123.151.6 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

95 %
HTTPS

0 %
IPv6

33
Domains

49
Subdomains

45
IPs

5
Countries

2705 kB
Transfer

6161 kB
Size

77
Cookies

170 HTTP transactions
0 data transactions