live.paloaltonetworks.com Open in urlscan Pro
3.160.150.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Submission: On May 06 via api (May 6th 2024, 5:31:49 pm UTC) from IN — Scanned from DE

Summary HTTP 75 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 75 HTTP transactions. The main IP is 3.160.150.38, located in United States and belongs to AMAZON-02, US. The main domain is live.paloaltonetworks.com. The Cisco Umbrella rank of the primary domain is 232078.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 23rd 2024. Valid for: a year.

This is the only time live.paloaltonetworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	3.160.150.38 3.160.150.38	16509 (AMAZON-02) (AMAZON-02)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:480... 2a02:26f0:480:f9d::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
8	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.72.38.16 34.72.38.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	52.212.196.90 52.212.196.90	16509 (AMAZON-02) (AMAZON-02)
1	143.204.9.21 143.204.9.21	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.222 63.140.62.222	15224 (OMNITURE) (OMNITURE)
2	18.66.102.127 18.66.102.127	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	18.245.46.44 18.245.46.44	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:215... 2600:9000:2156:9e00:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	() ()
1	142.250.186.72 142.250.186.72	() ()
75	26

28 3.160.150.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-38.fra60.r.cloudfront.net

live.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f9d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.72.38.16 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.38.72.34.bc.googleusercontent.com

playlist.megaphone.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.196.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-196-90.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.9.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-21.mxp64.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net

sstats.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-127.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-44.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9e00:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	paloaltonetworks.com live.paloaltonetworks.com — Cisco Umbrella Rank: 232078 sstats.paloaltonetworks.com — Cisco Umbrella Rank: 128747	2 MB
9	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1866 ka-f.fontawesome.com — Cisco Umbrella Rank: 4530	335 KB
4	gstatic.com fonts.gstatic.com	91 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 425	88 KB
3	company-target.com api.company-target.com — Cisco Umbrella Rank: 4111 s.company-target.com — Cisco Umbrella Rank: 1388	2 KB
3	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 8751 tag.demandbase.com — Cisco Umbrella Rank: 5741 tag-logger.demandbase.com — Cisco Umbrella Rank: 4940	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	198 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	426 B
2	youtube.com www.youtube.com	69 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	315 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	31 KB
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243	828 B
1	megaphone.fm playlist.megaphone.fm — Cisco Umbrella Rank: 26793
75	17

	Domain	Requested by
28	live.paloaltonetworks.com	live.paloaltonetworks.com
8	ka-f.fontawesome.com	kit.fontawesome.com live.paloaltonetworks.com
4	fonts.gstatic.com	fonts.googleapis.com
4	assets.adobedtm.com	live.paloaltonetworks.com assets.adobedtm.com
3	www.googletagmanager.com	www.google-analytics.com www.googletagmanager.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.youtube.com	assets.adobedtm.com www.youtube.com
2	www.google.de	live.paloaltonetworks.com
2	region1.analytics.google.com	www.googletagmanager.com
2	api.company-target.com	assets.adobedtm.com tag.demandbase.com
2	sstats.paloaltonetworks.com	assets.adobedtm.com
2	www.google-analytics.com	live.paloaltonetworks.com www.google-analytics.com
2	fonts.googleapis.com	live.paloaltonetworks.com
2	maxcdn.bootstrapcdn.com	live.paloaltonetworks.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	s.company-target.com	tag.demandbase.com
1	tag.demandbase.com	live.paloaltonetworks.com
1	scripts.demandbase.com	assets.adobedtm.com
1	dpm.demdex.net	assets.adobedtm.com
1	script.hotjar.com	static.hotjar.com
1	playlist.megaphone.fm	live.paloaltonetworks.com
1	static.hotjar.com	live.paloaltonetworks.com
1	kit.fontawesome.com	live.paloaltonetworks.com
75	23

This site contains links to these domains. Also see Links.

Domain
www.paloaltonetworks.com
unit42.paloaltonetworks.com
www.facebook.com
www.linkedin.com
twitter.com
beacon.paloaltonetworks.com
knowledgebase.paloaltonetworks.com
docs.paloaltonetworks.com
www.youtube.com

Subject Issuer	Validity	Valid
live.paloaltonetworks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-23` - `2025-02-05`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.megaphone.fm Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-05-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
sstats.paloaltonetworks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2024-08-18`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Frame ID: 5211C51E9786E0FF14EF173280663090
Requests: 75 HTTP requests in this frame

Frame: https://playlist.megaphone.fm/?e=CYBW9865829031
Frame ID: F2C97C48AB6BE79CE8E6C5A7E71315B5
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 0B19AAD7DA31D1879A0471B367A2A4CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Understanding the Midnight Eclipse Activity and CVE 2024-3400 | Palo Alto Networks

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

100 %
HTTPS

40 %
IPv6

17
Domains

23
Subdomains

26
IPs

5
Countries

3030 kB
Transfer

8587 kB
Size

41
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paloaltonetworks.com/legal-notices/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/unit42%E2%81%A0
Title: https://www.paloaltonetworks.com/unit42⁠

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/%E2%81%A0
Title: https://unit42.paloaltonetworks.com/⁠

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LifeatPaloAltoNetworks/%E2%81%A0
Title: https://www.facebook.com/LifeatPaloAltoNetworks/⁠

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/unit42/%E2%81%A0
Title: https://www.linkedin.com/company/unit42/⁠

Search URL Search Domain Scan URL

URL: https://twitter.com/PaloAltoNtwks%E2%81%A0
Title: https://twitter.com/PaloAltoNtwks⁠

Search URL Search Domain Scan URL

URL: http://www.paloaltonetworks.com/

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/company
Title: About Palo Alto Networks

Search URL Search Domain Scan URL

URL: https://beacon.paloaltonetworks.com/student/catalog
Title: Beacon

Search URL Search Domain Scan URL

URL: https://knowledgebase.paloaltonetworks.com/
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://docs.paloaltonetworks.com/
Title: Techdocs

Search URL Search Domain Scan URL

URL: https://twitter.com/PaloAltoNtwks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCPRouchFt58TZnjoI65aelA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/palo-alto-networks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PaloAltoNetworks

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 585372 Show response
live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/ 153 KB
35 KB 984ms
671ms Document
text/html 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

d5ea5588bdc9452b8071ee2d0020fe68247e30e4df69cc9805f030de84899fbd

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, private
content-encoding: gzip
content-length: 33858
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-type: text/html;charset=UTF-8
date: Mon, 06 May 2024 17:31:44 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-id: KfydE25utxNPfgyTrlPVS-YaHAHBrh1xuOLr92mwdDMZHqsOf6PKUA==
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 150ms
95ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 15613225
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87fab4a4ca92772d-WAW
cdn-requestpullsuccess: True

GET
H2 200 paloalto.css
live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/ 4 MB
406 KB 63ms
60ms Stylesheet
text/css 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: edf1163113eae0136f1ececf4084fea19208dc3c04a959916cf649646ac42b94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 14:01:09 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 02:30:19 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 12635
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=UTF-8
cache-control: s-maxage=457570
x-amz-cf-id: Zuwr_xBesy6wmfhBWg_Lw15gYNVZhHpjir7n-wkqUsDfGr6VNypbkA==
expires: Tue, 06 May 2025 14:01:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
544 B 139ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 May 2024 17:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 May 2024 17:14:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 May 2024 17:31:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d68c87dd14a6d930bcf636725c453c33490c083be547441149fd263be8caf2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 May 2024 17:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 May 2024 17:31:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 May 2024 17:31:44 GMT

GET
H2 200 octicons.css
live.paloaltonetworks.com/html/@463369B42451F16CB7991E638ED0E76E/assets/ 9 KB
2 KB 208ms
206ms Stylesheet
text/css 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@463369B42451F16CB7991E638ED0E76E/assets/octicons.css
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: adc282672afec8c011e51d8805ff33f82a249e782abd3031e6f22d46b921b8d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 12 Dec 2023 22:06:07 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 12597937
etag: W/"9147-1618523982000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1850
x-amz-cf-id: 0a81kI6XAtOUEYqUChnyVtxxPFtE0Ms8CvoVSxGX4MWQoKo-C7oTmA==

GET
H2 200 2.2.4-jquery.min.js Show response
live.paloaltonetworks.com/html/@C7A295DE58C50A7BA6EC231D486D724A/assets/ 84 KB
30 KB 205ms
203ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@C7A295DE58C50A7BA6EC231D486D724A/assets/2.2.4-jquery.min.js
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jul 2023 17:55:14 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Wed, 14 Dec 2022 02:56:23 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 24622590
etag: W/"85578-1670986583000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29822
x-amz-cf-id: ba6RTSoVul2oYWXg-ubi4-rO9Ip5jROArv9WA6w6Q9Siu8IbNeTRUw==

GET
H2 200 datatables.min.css
live.paloaltonetworks.com/html/@13BBAED61FFB96A5E96472721EBDFE47/assets/ 18 KB
3 KB 199ms
197ms Stylesheet
text/css 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@13BBAED61FFB96A5E96472721EBDFE47/assets/datatables.min.css?v=2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: df121b41fbbbd202c00e21a470db3a5b483d273f16bac08c4b569189625c3fd6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jul 2023 01:12:24 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 03:37:20 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 25028360
etag: W/"18689-1677728240000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2794
x-amz-cf-id: a8RAVOmVvdkaxRW4i0EdwdVcV8WWCU63pkYeodfPRB_w8GpoUVOWPw==

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 117ms
64ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 874
age: 1998219
cdn-cachedat: 10/31/2023 18:51:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9340496eb92efbb51c4cbfe31c0a2d1a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87fab4a4ca95772d-WAW
cdn-requestpullsuccess: True

GET
H2 200 5517375e97.js Show response
kit.fontawesome.com/ 12 KB
5 KB 160ms
65ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/5517375e97.js
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1e0e7bc9d6ff802228d806938f3545a695261df341731332a1bdc075b39aff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 28
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 87fab4a50ef31941-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8yN7fHXV460Aw1_izKi

GET
H2 200 launch-4ef8b5215a98.min.js Show response
assets.adobedtm.com/9273d4aedcd2/44023ce95133/ 303 KB
73 KB 136ms
40ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8c666acb22ffabb6f504067c23870928348212d362e1b819610db902d371f334

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: gzip
last-modified: Mon, 05 Feb 2024 16:47:25 GMT
server: AkamaiNetStorage
etag: "be6997f7df744853a2d0c459680e64c4:1707151644.989859"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 74081
expires: Mon, 06 May 2024 18:31:45 GMT

GET
H2 200 lia-scripts-head-min.js Show response
live.paloaltonetworks.com/t5/scripts/A81C646A6C82440C7F8530E686C629CA/ 15 KB
5 KB 203ms
202ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/A81C646A6C82440C7F8530E686C629CA/lia-scripts-head-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

3576ffe86e82b17a0c85a880caf93fcb92c008d1acd6543d5a1822e2bb547c4e

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
date: Sun, 05 May 2024 15:41:09 GMT
x-amz-cf-pop: FRA60-P7
age: 93035
x-cache: Hit from cloudfront
content-length: 4964
last-modified: Fri, 26 Apr 2024 08:39:43 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=133795
x-amz-cf-id: MalKz7V8_d2Eup8hoQmWdOD2kAc-11lbz02L3np2wG6AyvT0nzUvxQ==
expires: Sun, 04 May 2025 02:29:22 GMT

GET
H2 200 lia-scripts-head-min.js Show response
live.paloaltonetworks.com/t5/scripts/D60EB96AE5FF670ED274F16ABB044ABD/ 4 KB
2 KB 201ms
200ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/D60EB96AE5FF670ED274F16ABB044ABD/lia-scripts-head-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
date: Sun, 05 May 2024 13:48:03 GMT
x-amz-cf-pop: FRA60-P7
age: 99821
x-cache: Hit from cloudfront
content-length: 1494
last-modified: Fri, 26 Apr 2024 08:39:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=132686
x-amz-cf-id: dr2xIznvqV9sOxd09quJaWeR68WzzmOTMstg4MVMvUbsZkriC6QgHQ==
expires: Sun, 04 May 2025 00:56:23 GMT

GET
H2 200 PANW_Red_BW.png
live.paloaltonetworks.com/html/@3ED993240B214CCB84957D8890090F3C/assets/ 14 KB
14 KB 200ms
199ms Image
image/png 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/@3ED993240B214CCB84957D8890090F3C/assets/PANW_Red_BW.png
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 4ef6697c4e02b8d303361a7b0e8f0e914a6b2fbd98b4de3577d175064706bf0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:52:52 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 11979532
etag: W/"14362-1618523982000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14362
x-amz-cf-id: XyiJKom4A2aFwKZuLufbeZlQO-sas6538lJYSStZFm3BDTuy3gj7ug==

GET
H2 200 LC-logo-BW.png
live.paloaltonetworks.com/html/@E5AF36E8ADFF42398AB32C75C8A2488A/assets/ 11 KB
12 KB 201ms
201ms Image
image/png 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/@E5AF36E8ADFF42398AB32C75C8A2488A/assets/LC-logo-BW.png
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 45bdb17bc257a64ec4dba2839351a7eab4a4e308639fe55679ac793f23afd2ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Dec 2023 16:48:30 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 12012194
etag: W/"11771-1618523982000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11771
x-amz-cf-id: zal6IDVpsRzUX6-sP3H0DPW8IPCQTAkRD6ZGSyQmDsZCHIcWihyXCw==

GET
H2 200 40x40
live.paloaltonetworks.com/t5/image/serverpage/image-id/58666i29B554871C7E5DBF/image-dimensions/ 8 KB
9 KB 239ms
239ms Image
image/jpeg 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.paloaltonetworks.com/t5/image/serverpage/image-id/58666i29B554871C7E5DBF/image-dimensions/40x40?v=v2

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

372aeeb5092d7982297b8ce7a6610cb9a088f3e962748cc947b9900948d39e33

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Mar 2024 19:55:55 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg;charset=UTF-8
x-cache: RefreshHit from cloudfront
cache-control: max-age=900
content-disposition: inline; filename="headhshot.jpeg"; filename*=UTF-8''headhshot.jpeg
x-amz-cf-id: UT6SrOlX2Rai5LYEYHgfzrJE6K7SMcbqx69oYT1_FsZUoOgdFLPY-w==
expires: Tue, 06 May 2025 17:31:45 GMT

GET
H2 200 true
live.paloaltonetworks.com/t5/image/serverpage/image-id/59363i26F8D2CC1ECC90EA/image-size/large/is-moderation-mode/ 65 KB
67 KB 234ms
234ms Image
image/jpeg 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.paloaltonetworks.com/t5/image/serverpage/image-id/59363i26F8D2CC1ECC90EA/image-size/large/is-moderation-mode/true?v=v2&px=999

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

8d423e3087d443a6007c3d8bbcd62c5255fa11058d4bae90883834cd2bf99669

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 16:48:49 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpeg;charset=UTF-8
cache-control: max-age=900
content-disposition: inline; filename="Threat-Vector_Midnight-Eclipse-Activity-CVE-2024-3400_palo-alto-networks.jpg"; filename*=UTF-8''Threat-Vector_Midnight-Eclipse-Activity-CVE-2024-3400_palo-alto-networks.jpg
x-robots-tag: noindex
x-amz-cf-id: SkcgCaHohJePNLlaF2hXNOYdg9-GoU-urQhR8eiVCcFcsVYzOoBmjg==
expires: Tue, 06 May 2025 17:31:45 GMT

GET
H2 200 Need-answers.gif
live.paloaltonetworks.com/html/assets/ 888 KB
889 KB 56ms
54ms Image
image/gif 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/assets/Need-answers.gif
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 542ba36fabffe4d3c685191820f7e72aa6847319d439f0cc1073de2222863f20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 16:08:46 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 4979
etag: W/"909245-1618523982000"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
content-length: 909245
x-amz-cf-id: tj1d193YBSw8OM_5-HlEZxaQTFKT4j9gHmpNNYdVMYlCAdLvSJi0xg==

GET
H2 200 PAN_Logo_White.png
live.paloaltonetworks.com/html/@B09EB55777348FEBBB51B90839A41B20/assets/ 16 KB
16 KB 127ms
126ms Image
image/png 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/@B09EB55777348FEBBB51B90839A41B20/assets/PAN_Logo_White.png
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 7785d249a00c8f2b99296c92289e59aa4ef4a52943aaa2a38fa696d1335336de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jul 2023 03:58:25 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 25623200
etag: W/"16471-1618523982000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16471
x-amz-cf-id: D-QXiqUkR2BJGqi8f8xqLW3gi9m8nkUsoQgJNgfVpNT6vvT4il03Jw==

GET
H2 200 Khoros-awards-2022-2.jpg
live.paloaltonetworks.com/html/assets/ 74 KB
75 KB 127ms
126ms Image
image/jpeg 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/assets/Khoros-awards-2022-2.jpg
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: b05c1383abde3d292a0bb660a157c9153a3531931321fa092442a078ac4dc755

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:16:21 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 23:08:14 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 924
etag: W/"75856-1701212894000"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
content-length: 75856
x-amz-cf-id: -JjuPySucv7vP0p7U8B4XH2x9hH4DZXDcBw-fRZghRJYzWmGbv-YJA==

GET
H2 200 imagesloaded.pkgd.min.js Show response
live.paloaltonetworks.com/html/@020795946551318A720718637FCC9A30/assets/ 5 KB
2 KB 55ms
53ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@020795946551318A720718637FCC9A30/assets/imagesloaded.pkgd.min.js
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 673d2cec1d3719e9bc6bd6a4d71abe5693f545758d19b138e511c3a2b776cbc8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jul 2023 04:00:38 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 25623067
etag: W/"5413-1618523982000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1752
x-amz-cf-id: AGnS5Qd3Xb8kefrOrGGpBPLPfMNx-iHsD_BSecjCeqhdYT7tNdzHuw==

GET
H2 200 masonry.pkgd.js Show response
live.paloaltonetworks.com/html/@30F53A76E997F4FA6FB7A0D0D583C5B6/assets/ 61 KB
15 KB 127ms
125ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@30F53A76E997F4FA6FB7A0D0D583C5B6/assets/masonry.pkgd.js
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 2d11e2c9ab4e002b1f0b9cc366696f7e4f05f7bdd1ef379a2f78211b23386c4e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jul 2023 00:13:58 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 24772667
etag: W/"62970-1618523982000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15130
x-amz-cf-id: WdophqBRU-iU3wvHToyfg7oehh5R2U55b_nm82Y9qIGgzqx01BOCKw==

GET
H2 200 lia-scripts-angularjs-min.js Show response
live.paloaltonetworks.com/t5/scripts/D1ADE0576DD5396F7FE224FF664AC505/ 173 KB
61 KB 105ms
104ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/D1ADE0576DD5396F7FE224FF664AC505/lia-scripts-angularjs-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

f7d80c69dbd2fbc66b658a2e726ae73dba6dcd52dd7bc80798f8a2cd0f416473

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
date: Sun, 05 May 2024 17:04:25 GMT
last-modified: Fri, 26 Apr 2024 08:39:43 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 88040
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-cache: Hit from cloudfront
cache-control: s-maxage=134639
x-amz-cf-id: m6chHus7hu5wfdWiWQ6spEMXFcfpT-bXgz1LXSmhzKWVBTSz1MaDaQ==
expires: Sun, 04 May 2025 03:39:38 GMT

GET
H2 200 lia-scripts-angularjsModules-min.js Show response
live.paloaltonetworks.com/t5/scripts/94C410D0A4F58104EA0D51B57F816EDB/ 400 KB
108 KB 128ms
126ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/94C410D0A4F58104EA0D51B57F816EDB/lia-scripts-angularjsModules-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

cf29ff08d3e9354cfcfa316bb89b9f90ceb1d14a7ff6f2ca048cd8ab160ec8e0

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 01:50:00 GMT
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
last-modified: Thu, 18 Apr 2024 02:46:14 GMT
server: Apache
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 142905
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-cache: Hit from cloudfront
cache-control: s-maxage=293085
x-amz-cf-id: RmkpWOgTIxe4lszQokCOchHJ7HBq0mK_UuyW9E_VSkFLKdT2VIrrAw==
expires: Mon, 05 May 2025 01:50:00 GMT

GET
H2 200 lia-scripts-common-min.js Show response
live.paloaltonetworks.com/t5/scripts/BE0032418924EBD91CF51033577A461C/ 348 KB
97 KB 120ms
118ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/BE0032418924EBD91CF51033577A461C/lia-scripts-common-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

07bf7315882510d4cc5e732ffe1573f747fdfb70bd3131af72aa48c69910da44

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 00:28:14 GMT
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 08:39:11 GMT
server: Apache
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 147811
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-cache: Hit from cloudfront
cache-control: s-maxage=149628
x-amz-cf-id: fQkTrm5VlH3BA8XfFDaT-2bwuzBXjPBYuMbr-BscGgrw88eRUo8Gsg==
expires: Mon, 05 May 2025 00:28:14 GMT

GET
H2 200 lia-scripts-body-min.js Show response
live.paloaltonetworks.com/t5/scripts/8AEB06838711606083E51CFCB9F0A77A/ 68 KB
18 KB 66ms
64ms Script
text/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/scripts/8AEB06838711606083E51CFCB9F0A77A/lia-scripts-body-min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

7c7c56d011d3a1c307c0df3055deec93f12a09a0d99953dbbccacff163dfafb9

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 06:01:37 GMT
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 127808
x-cache: Hit from cloudfront
content-length: 17827
last-modified: Fri, 26 Apr 2024 08:41:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=153602
x-amz-cf-id: H_W2p0TQFUX5PIzYKfKQST83fOpvgKEglO_Lb9MJQu4WkwIP-HDV4w==
expires: Mon, 05 May 2025 06:01:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 15:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6642
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 May 2024 17:41:03 GMT

GET
H2 200 hotjar-647720.js Show response
static.hotjar.com/c/ 9 KB
4 KB 144ms
51ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-647720.js?sv=6

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

0b11ed6bcd55045d479ac897493f654520adf930dfc90d2109e73596ca59ed5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 29
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/3bd0bf5b33b2c147e2b34680d2ee5a26
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Pd38jDhd37JGUthZOfFG_b1d-PL0tnUZwDK-kO7TQxIPGO_lT7fwFQ==

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
24 KB 119ms
67ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=5517375e97
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5517375e97.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2934171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGDEVu%2BNCgIQrucQw95yYHan8%2Few9s%2Bqf9nLlxvpCtRlz9ytI2ZayW%2BB%2BmW6NoIHMOnxs%2FwORmcEwVgaHhyyR2fHya55UdWHdSSE%2Bq25diknnuV1Wj7bFEeUyiV504WgQ1%2Bw9LIUmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87fab4a6ba87bbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MyPiauVb0H-ycRQJG3eoQpBqGYHHlpNGXQRmPE5oYUQtA9I3zJms0g==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 109ms
57ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=5517375e97
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5517375e97.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2934171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qfk%2BG1g82%2Bingld374QuaSI%2Boj2VjlXBnBeE4WybvmDPiKvFrYxZtcrpoN5RuNQ1oAS8Ea1UJN%2F7dHEGvg0fRefCAZ%2FdNTIlW29DB%2BJ2qTpR0%2F%2FXQxCEHDwYwuq6wM4jwxTOny%2BSug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87fab4a6ba8dbbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SsygLHTikOf6oZZK-9aIbFSnBzaA_bEEmQZ54CBXz5ZTOxJb3BZxcg==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
1021 B 105ms
54ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=5517375e97
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5517375e97.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 69b4ccb4caed8bb6a3a45a0df08d1446.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 2934171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1rop%2Br%2BQU66itzNsIXLe7ubmZFb2sWdkMvquWHcQIjqL4c35eVJ9ptMqgSoJLTXi0rsqcfVmhSk7O54klS%2BOfE6Kc54XYZJtYvUXZzbCMtx2cofMQX5DJmSiHfG1lYugDA8NIFcuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87fab4a6ba8bbbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: WeQCEjCh5pKzRGD1BeMdXG1KtJWvM1actih-wU2vqfNbOrJmH19MhA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 110ms
59ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=5517375e97
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5517375e97.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2935061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FKS8tsH5c3QQ3k3RH8UUedroTZSWVVYZtyrLDZi7MFkNtm0zn47zGxijtbwBy4VeS69i7a694ev1YAuP8ICr%2BD5ACiFZvrxjpJTeNtN9DDcXRm609gJNDUzK4nP2MYUAHSDxkXq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87fab4a6ba8fbbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sZ1hjK7Ui4yuzTvXEjpFSJDmWeDoeOR3WiE6rBx7bTldBmrn9w75lg==

GET
H2 200 /
playlist.megaphone.fm/ Frame F2C9 0
0 523ms
151ms Document
text/html 34.72.38.16
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://playlist.megaphone.fm/?e=CYBW9865829031

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

16.38.72.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://live.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 1479
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 17:31:45 GMT
etag: W/"ad7efebe2559d2207d601dbcbb9fc4dd"
link: </assets/application-91f5eab2e8b9577328404af470d2b2cc2c9d1844264fc75bfda472626e269c72.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-request-id: 4c463bfa31befb25cd4cef70fffc44b7
x-runtime: 0.007081
x-xss-protection: 0

GET
H2 200 LIVEcommunity-internal-banner.png
live.paloaltonetworks.com/html/assets/ 106 KB
106 KB 111ms
111ms Image
image/png 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/assets/LIVEcommunity-internal-banner.png
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: af4019ae4a0b2a2a40a290d998b0f62b0c02901c6d109c0b24ba9e085090bbe1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 16:25:34 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 3971
etag: W/"108241-1618523982000"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
content-length: 108241
x-amz-cf-id: y-xmwRree3tDuaT1bgaWcyR0sEANcVbcPp_2xewH_fhwZgjRV739xA==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89c419f5a640b98667179040f3fc0610facdb564ab368d17c015065f24e3ee87

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 170ms
78ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:44:48 GMT
x-content-type-options: nosniff
age: 553617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:44:48 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:00:23 GMT
x-content-type-options: nosniff
age: 552682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:00:23 GMT

GET
H2 200 fontawesome-webfont.woff2
live.paloaltonetworks.com/html/assets/fonts/ 55 KB
56 KB 89ms
89ms Font
font/woff2 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 15:43:12 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Fri, 26 Apr 2024 08:35:44 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 6513
etag: W/"56780-1714120544000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 56780
x-amz-cf-id: sBC2LmddHIFemiK9Gl57lPgosq68x-KB8UKUJx85dMLKFdjT7pd9iw==

GET
H2 200 Decimal-Medium-Pro_Web.woff2
live.paloaltonetworks.com/html/assets/ 50 KB
50 KB 105ms
104ms Font
font/woff2 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/assets/Decimal-Medium-Pro_Web.woff2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 9c1d6395615cae4aa62776a2acbe73a24819df1b1773845fa3e99fe828783961

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:26:27 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 318
etag: W/"50943-1618523982000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 50943
x-amz-cf-id: imdNq1LGOFA2LT53QoYikbYnmlcO-C5u4xBZm3d_O6fR6ntzpKQz8w==

GET
H2 200 CustomIcons.ttf
live.paloaltonetworks.com/html/assets/ 13 KB
9 KB 104ms
103ms Font
font/ttf 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/assets/CustomIcons.ttf
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 9a453db2435f1588b3c20cd16d049f3f8c96ebe48b0723a36e81cf97f1ea9ebd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 16:37:55 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 3230
etag: W/"13692-1618523982000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=7200
x-amz-cf-id: vswQWywDfpcTuLUiFLJ_gA8kPEuAK5gUtR88UM29ctq4wv2xbtoumg==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 188ms
98ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:07:44 GMT
x-content-type-options: nosniff
age: 552241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:07:44 GMT

GET
H2 204 237318592806_1715016704566.gif
live.paloaltonetworks.com/beacon/ 0
830 B 203ms
203ms Image
text/plain 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.paloaltonetworks.com/beacon/237318592806_1715016704566.gif

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Fri, 02 Nov 2007 00:36:01 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
x-amz-cf-id: zkMhTVKMKIJi7syRxCF7E9gNAuntDmTdYTQRZ9ZHKUWD6XXq9jHVgg==
expires: Thu, 22 Jan 1976 08:28:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
229 B 48ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1667767319&t=pageview&_s=1&dl=https%3A%2F%2Flive.paloaltonetworks.com%2Ft5%2Fthreat-vector%2Funderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%2Fta-p%2F585372&ul=de-de&de=UTF-8&dt=Understanding%20the%20Midnight%20Eclipse%20Activity%20and%20CVE%202024-3400%20%7C%20Palo%20Alto%20Networks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=146614340&gjid=234906572&cid=720558650.1715016705&tid=UA-494959-7&_gid=1110431828.1715016705&_r=1&_slc=1&z=174501689

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3a09a137e0ba421a5d941cc51e749454c169fd98af5523b102f4de2e7760eadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 free-fa-v4compatibility.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 5 KB
5 KB 51ms
51ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-v4compatibility.woff2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73f2eb3153fa5bdb350c09727d35621e7294d8c70369d398bd3055cf3af77b67

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2934194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4784
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
etag: "a4f1bf358fb4aca4b4ad13db21d1095e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17%2BJg4vullS%2BPkwpg61CVRPq%2FoSgAWLnGzBuwttXUVLQpNau2mlzvSEKROLV0XONICHBt%2BF3ujOOGY7S5rlMzX21M9bUxu55uKySvuVhvGLX4v9DvqGvAfEsB08HiZb2DKyQnqAZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 87fab4a80c88bbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: lO7eYAO75joxYyqkD3csGgPSsXHtPaVpLtu_hz7vf1tv23voR6LZVw==

GET
H3 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 25 KB
26 KB 52ms
52ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-regular-400.woff2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3808053242504d654e37fe066d1cabddd317715e96565d632cb9e35115d120b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2935059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 25408
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
etag: "01f322780d84882bcac002c65d92099e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kPwdlapftklmyDDErCnPNPLLUxt8kOm6cTjqRtz2%2Bsr%2F2p84nM42nesGMBmAvUjln7F0%2BmJ%2FDW3LGnT7PtbjlR2pOprFzSHlEvrw8dQn3OVFQeGdE8qEjZDSfU62Gt1Qeai5c7clw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 87fab4a80c8cbbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qf52P1l3adOO8HdlEmAHRi8VW-KA7IWSeADuRnNfsq0zTrUCq4IuBQ==

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 115 KB
116 KB 91ms
91ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2935058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U20i1TzKTGbqXpejNVK5yaO05xgIJ98o3bKMkfLoxAj1luxvdr5FGIh6qLU%2FQMkHaJIaXrQC%2FruqU0So5r3HXIIO%2FM%2F3ceaDSWpTgGsI1FLfhCbtFwkzBjUIymXG13YhJ8aP1Q9QqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 87fab4a80c90bbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: wGkIbC9yr4obwgPSzk9_SY8p0BjEQnrxcySlgjwivWwrQTRMr1Vvwg==

GET
H2 200 check-black.svg
live.paloaltonetworks.com/html/assets/ 571 B
779 B 61ms
61ms Image
image/svg+xml 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.paloaltonetworks.com/html/assets/check-black.svg
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 443b84a880cb115734ac8b4741c4a4e6d0382c9001e88093f349e7d617bc5615

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/skins/6443402/4bc3b6fe601cea5c58a6d3bb0485e7cd/paloalto.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 16:34:17 GMT
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 3448
x-cache: Hit from cloudfront
content-length: 373
last-modified: Sat, 03 Feb 2024 02:29:45 GMT
server: Apache
etag: W/"571-1706927385000-gzip"
vary: Origin,Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
x-amz-cf-id: 7sbF8fSC-UP39ZKDy3pa7zcOzRlU7wP5cbhI3XrBH9E30610C6XOfA==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:58:17 GMT
x-content-type-options: nosniff
age: 552808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:58:17 GMT

GET
H2 200 modules.842bcec28f9fd12bb79e.js Show response
script.hotjar.com/ 221 KB
55 KB 141ms
44ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842bcec28f9fd12bb79e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-647720.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 13:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 359199
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55872
last-modified: Thu, 02 May 2024 13:44:30 GMT
etag: "f27d2d9a453e162eec63180cf358c726"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FINOYJ-FGnIQ2FrDwHA4wAtriP9IE2jU-Bi3U_5utMZlhENL70PqSQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
353 B 148ms
48ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-494959-7&cid=720558650.1715016705&jid=146614340&gjid=234906572&_gid=1110431828.1715016705&_u=IEBAAEAAAAAAACAAI~&z=2130997746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 May 2024 17:31:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
94 KB 167ms
80ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ETZLDKMFSY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c3452399969cf02f257fba169e89e05497922d8b594a22871b551b42002dc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 17:31:45 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 217 B
828 B 178ms
58ms XHR
application/json 52.212.196.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1715016705281

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.196.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-196-90.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8ecce5ae11a225dfa5740b30a6c4e6fad1d8d99e6f0df35e70c79cddc699293b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v060-025ec8c26.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: KuOhFAUqTxs=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 216
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 41ms
40ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Mon, 06 May 2024 18:31:45 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 39ms
39ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Mon, 06 May 2024 18:31:45 GMT

GET
H2 200 e78feef73ff94c88.min.js Show response
scripts.demandbase.com/adobeanalytics/ 5 KB
3 KB 159ms
48ms Script
application/javascript 143.204.9.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/adobeanalytics/e78feef73ff94c88.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.9.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-9-21.mxp64.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c9c183c8efe02b849d685a1a9b5989159335f62e89d0510162efef636d90c84e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 42._nTKlB0W0a7nUUVM5_0UTxFNlGqWt
content-encoding: gzip
via: 1.1 7a06a73d3c4d9b2940678fa230525000.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 05:20:12 GMT
last-modified: Thu, 11 Feb 2021 17:03:06 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MXP64-C1
age: 44215
etag: W/"2c4db711e40a8d2f0e54d9ff6d4a1c6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: F0CU4oU24HUdJcop8EeEPlPe2CArQz6xmbazDCDX0sEHfnkivBIgIg==

POST
H2 200 articlepage.recommendedcontenttaplet:lazyrender Show response
live.paloaltonetworks.com/t5/tkb/v2_4/ 14 KB
3 KB 432ms
431ms XHR
application/json 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live.paloaltonetworks.com/t5/tkb/v2_4/articlepage.recommendedcontenttaplet:lazyrender?t:ac=blog-id/Threat-Vector-Podcast/article-id/9&t:cp=recommendations/contributions/page

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/scripts/BE0032418924EBD91CF51033577A461C/lia-scripts-common-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-38.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

a87eff2c5c24896c6c62b1ac93ab3da9f072ef277ac39ebd84525825a2b8d506

Security Headers

Name	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-security-policy: connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
content-encoding: gzip
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P7
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow
x-amz-cf-id: FE08ANVVE83rUyYACn3SOYtVZa89RIUCobzRlhDlFAqtTrRFczHSsw==

GET
DATA 200
OK truncated
/ 667 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 RC3615a4a11a95467b8f2f4616c8fa83bd-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/44023ce95133/5164002ca4e8/ 1 KB
787 B 40ms
39ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/5164002ca4e8/RC3615a4a11a95467b8f2f4616c8fa83bd-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9f3b0211b1a30ecd5868c6f0dc0c921c4d72e52ec52521d10ff4924d1feec6ba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: gzip
last-modified: Mon, 05 Feb 2024 16:47:33 GMT
server: AkamaiNetStorage
etag: "f424441fb90cde5be8082f8ea9145703:1707151653.223198"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 524
expires: Mon, 06 May 2024 18:31:45 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 153 KB
153 KB 50ms
49ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Origin: https://live.paloaltonetworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2935055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "ae015e3286ef56a0daf8e83838a32a88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLG7SZ1v4WEJ29SYjfZWNcCXPZ1R1hxfpcc0SHsRtbb5vQd%2F7Z3z1E%2FBbqBwLCtywjdq00FJgE%2BNoF%2Bg2ZuZmPyf%2FR5mGNcFLTSlAUVlRwIor5nPkoLgba23QKfjDhDvV1U9zHx2fA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 87fab4a92e63bbd1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xWytmET1FixmCdxX_90FWpMdy4GWTm5mS04lme01Jifm776OpJRJOw==

GET
H2 200 id Show response
sstats.paloaltonetworks.com/ 48 B
477 B 250ms
51ms XHR
application/x-javascript 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=9A531C8B532965080A490D4D%40AdobeOrg&mid=75731704478092018991565650663028289715&ts=1715016705481

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

3c3e1018713988aa47a5da58d8d3fce05f7ee76bffedabab1f4555dabeecc27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://live.paloaltonetworks.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 482 B
717 B 288ms
92ms Script
application/javascript 18.66.102.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?auth=mTSWoP7tDDj1bmrfd7DoCwq1MAt3SukHko7rQP5o&callback=Dmdbase_CDC.callback
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-127.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 839639d66f9ba1fa56364db43d202f98a695d85c0f8f8a7faaa705cb5a103f30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
api-version: v2
request-id: bf2d3a3b-4a0a-4eaf-b165-940ff8022204
x-amz-cf-id: K-2057wYLNGtdQm-39SAvOY1EdcERdP2sNzVy6yA5yKB4uVTQ7fxcg==
expires: Sun, 05 May 2024 17:31:45 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 174ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ETZLDKMFSY&gtm=45je4510v9125471626za200&_p=1715016705273&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=720558650.1715016705&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Flive.paloaltonetworks.com%2Ft5%2Fthreat-vector%2Funderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%2Fta-p%2F585372&dt=Understanding%20the%20Midnight%20Eclipse%20Activity%20and%20CVE%202024-3400%20%7C%20Palo%20Alto%20Networks&sid=1715016705&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETZLDKMFSY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 49ms
48ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ETZLDKMFSY&cid=720558650.1715016705&gtm=45je4510v9125471626za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETZLDKMFSY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 192ms
67ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ETZLDKMFSY&cid=720558650.1715016705&gtm=45je4510v9125471626za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&z=372448638

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s7430059010386 Show response
sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/ 43 B
329 B 54ms
53ms XHR
image/gif 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LDQM/s7430059010386

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 17:31:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 07 May 2024 17:31:45 GMT
server: jag
etag: 3682970330933297152-4618274462346120233
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 05 May 2024 17:31:45 GMT

GET
H2 200 e78feef73ff94c88.min.js Show response
tag.demandbase.com/ 77 KB
22 KB 678ms
47ms Script
application/javascript 18.245.46.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/e78feef73ff94c88.min.js

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-44.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ec948cd81adcde0966d64659c77ab6c4b4d565275e608e473afda4b9ef8db307

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SsEIfb8ykpKNJvMBF.jrJsu8wqlhh5cU
content-encoding: gzip
via: 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 17:11:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 1281
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 Apr 2024 18:35:27 GMT
server: AmazonS3
etag: W/"b3d044b42203c80fddfa636996c931f4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: OciXAwfVV1i4mTPkRMdnhPH0Lb3M8fiNkez5ZvtzKge3G5siTYc2tw==

GET
H2 200 sync
s.company-target.com/s/ Frame 0B19 0
0 239ms
129ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://live.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 17:31:46 GMT
via: 1.1 google

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 456 B
953 B 86ms
86ms XHR
application/json 18.66.102.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Flive.paloaltonetworks.com%2Ft5%2Fthreat-vector%2Funderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%2Fta-p%2F585372&page_title=Understanding%20the%20Midnight%20Eclipse%20Activity%20and%20CVE%202024-3400%20%7C%20Palo%20Alto%20Networks
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-127.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a8bf87e9954ff307c0ed5aff9e697455b1e6f85882d395847990883f1276ff16

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 May 2024 17:31:46 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: e065c288-5264-4d95-81ad-9bb8893be925
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://live.paloaltonetworks.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g92rzQ-nJFWshrRZx6F0rUfUNPcit4ECorlQYV0IMHS_8p1tstylzw==
expires: Sun, 05 May 2024 17:31:46 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 309 KB
104 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-KS2MELEEFC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETZLDKMFSY&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af62e65210fc5d2f420d2880af63655f6ea051fa5dba6bf2bd1f99630b5e5dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 17:31:46 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 797ms
409ms XHR
text/html 2600:9000:2156:9e00:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=g92rzQ-nJFWshrRZx6F0rUfUNPcit4ECorlQYV0IMHS_8p1tstylzw==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e78feef73ff94c88.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9e00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Mon, 06 May 2024 04:27:47 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 47049
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZtZyTeOiPlMdLhr0lQHwtwoofEqJcpyJ8jyl0Yqru1IS3S84ZTFsYg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KS2MELEEFC&gtm=45je4510v880354802za200&_p=1715016705273&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=720558650.1715016705&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1715016706&sct=1&seg=0&dl=https%3A%2F%2Flive.paloaltonetworks.com%2Ft5%2Fthreat-vector%2Funderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%2Fta-p%2F585372&dt=Understanding%20the%20Midnight%20Eclipse%20Activity%20and%20CVE%202024-3400%20%7C%20Palo%20Alto%20Networks&en=Demandbase_Event&_fv=1&_ss=1&_ee=1&ep.demandbase_sid=(Non-Company%20Visitor)&ep.demandbase_company_name=(Non-Company%20Visitor)&ep.demandbase_industry=(Non-Company%20Visitor)&ep.demandbase_sub_industry=(Non-Company%20Visitor)&ep.demandbase_employee_range=(Non-Company%20Visitor)&ep.demandbase_revenue_range=(Non-Company%20Visitor)&ep.demandbase_audience=Residential&ep.demandbase_audience_segment=(Non-Company%20Visitor)&ep.demandbase_web_site=(Non-Company%20Visitor)&ep.demandbase_city=(Non-Company%20Visitor)&ep.demandbase_state=(Non-Company%20Visitor)&ep.demandbase_country_name=Germany&tfd=3013
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KS2MELEEFC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
48ms Ping
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KS2MELEEFC&cid=720558650.1715016705&gtm=45je4510v880354802za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KS2MELEEFC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.5.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.paloaltonetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KS2MELEEFC&cid=720558650.1715016705&gtm=45je4510v880354802za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1224287527

Requested by

Host: live.paloaltonetworks.com
URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 17:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 149ms
61ms Script
text/javascript 2a00:1450:4001:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/44023ce95133/launch-4ef8b5215a98.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

b0a1a9d37e7e802c15f72c107bd1e565455c049209bfbeb48c733a9a71573cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 06 May 2024 17:31:49 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 63ms
63ms Image
text/html 142.250.186.72

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1672999505&rv=4510&u=AAAAAAAIAAAAACAAAAAAAABA&ut=Ag&h=Ag&gtm=45je4510v880354802za200&ccid=80354802&cid=G-KS2MELEEFC&l=L1571.S18.B15.E2765.I1586.EC7.TC29.HTC0~gtm.init.S0.V0.E18.TS5ogtgasend.TI133.TE0.TS5ogtcrossdomain.TI135.TE0.TS5ogtreferralexclusion.TI136.TE1.TS5ogtipmark.TI137.TE0.TS5ogtipmark.TI138.TE0.TS5ogtipmark.TI139.TE0.TS5ogtipmark.TI140.TE0.TS5ogtipmark.TI141.TE0.TS5ogtipmark.TI142.TE0.TS5ogtipmark.TI143.TE0.TS5ogtipmark.TI144.TE0.TS5ogtipmark.TI145.TE0.TS5ogtipmark.TI146.TE0.TS5ogt1pdatav2.TI147.TE0.TS5ccdgalast.TI148.TE0.TS5ccdautoredact.TI149.TE0.TS5ogteventcreate.TI150.TE0.TS5ogteventedit.TI151.TE0.TS5ccdconversionmarking.TI152.TE0.TS5ccdemvideo.TI153.TE0.TS5ccdemsitesearch.TI154.TE0.TS5ccdempageview.TI155.TE0.TS5ccdemdownload.TI156.TE0.TS5ccdgaregscope.TI157.TE0.TS5ogtgooglesignals.TI158.TE0.TS5ccdgaadslink.TI159.TE0.TS5setproductsettings.TI160.TE0.TS5ccdgafirst.TI161.TE0~gtm.js.S0.V0.E12.TS5gct.TI130.TE0~gtm.dom.S0.V0.E10~*.S0.V0.E4~*.S0.V0.E4~gtm.load.S0.V0.E0~gtm.init_consent.S0.V0.E17~GA1441

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 17:31:49 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 favicon.ico
live.paloaltonetworks.com/html/@AF88D457713207EDCC5EEBCB342CACE0/assets/ 15 KB
15 KB 66ms
66ms Other
image/x-icon 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.paloaltonetworks.com/html/@AF88D457713207EDCC5EEBCB342CACE0/assets/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 5d967a2b624b90757d568b0219ca3a115cb7c6fd3f37ab88d606a97fd6824e19

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jul 2023 00:51:42 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 21:59:42 GMT
server: Apache
x-amz-cf-pop: FRA60-P7
age: 25375207
etag: W/"15086-1618523982000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/x-icon
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15086
x-amz-cf-id: 3ZBp2SW7yzoSBH8WSR74K6wzrLnDJs2XM0mcyXf2sd6Lw6HbhXFVqg==

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/edea0cc6/www-widgetapi.vflset/ 215 KB
67 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edea0cc6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6da8826764163d4aba5b51219bfc2c74d0d7013ac98c69547bc9b75e2615dbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.paloaltonetworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 16:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68182
x-xss-protection: 0
last-modified: Thu, 02 May 2024 04:16:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 May 2025 16:56:53 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p	1969-12-31 23:59:59	Name: LSKey-c$adobe_ecid Value: 179643557
live.paloaltonetworks.com/	1969-12-31 23:59:59	Name: LiSESSIONID Value: F5F078017B6527F1EBA693992AB1AFA3
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: LithiumNecessaryCookiesAccepted Value: 0
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: LithiumFunctionalCookiesAccepted Value: 0
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: LithiumTargetingCookiesAccepted Value: 0
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: LithiumPerformanceCookiesAccepted Value: 0
.paloaltonetworks.com/	1970-01-20 20:25:03	Name: _gid Value: GA1.2.1110431828.1715016705
.paloaltonetworks.com/	1970-01-20 20:23:36	Name: _gat Value: 1
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: VISITOR_BEACON Value: ~2RhFPYtimtuvizxT2~VZMxCPV9CtpmLsJ9y8WBe1CttuobQXhi1yt4ukSzrn0vsag6K2qPgZ5YhYZ3PuBofAdCTC7M-mJg1k0KP6zS7A..
.demdex.net/	1970-01-21 00:42:48	Name: demdex Value: 69923479669780190672137749618084477091
.paloaltonetworks.com/	1970-01-21 05:09:12	Name: _hjSessionUser_647720 Value: eyJpZCI6ImEzMmI3YzU4LTI2M2ItNWI1Ni04OTdhLWI0NGE1YWE2ZDBiMCIsImNyZWF0ZWQiOjE3MTUwMTY3MDU0NzMsImV4aXN0aW5nIjpmYWxzZX0=
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: _hjSession_647720 Value: eyJpZCI6IjY5ZDBhNmYxLTczNjMtNDk1MC04M2JhLTZmYmMyYmQ3YmYyYSIsImMiOjE3MTUwMTY3MDU0NzQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: AMCVS_9A531C8B532965080A490D4D%40AdobeOrg Value: 1
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: _ga_ETZLDKMFSY Value: GS1.2.1715016705.1.0.1715016705.60.0.0
live.paloaltonetworks.com/	1970-01-20 20:33:41	Name: AWSALB Value: RBIBssc1GmJRWGJfUhBmU/OD0eFCCKV1f/wtYOwz3rM/jOYVDDdDKweg/oI0C7Sf35RUt6WJIL2Uj3N1hdIacPt4Qtn7udTN3FIT6kM3W824P19VuBgEfx48gSDz
live.paloaltonetworks.com/	1970-01-20 20:33:41	Name: AWSALBCORS Value: RBIBssc1GmJRWGJfUhBmU/OD0eFCCKV1f/wtYOwz3rM/jOYVDDdDKweg/oI0C7Sf35RUt6WJIL2Uj3N1hdIacPt4Qtn7udTN3FIT6kM3W824P19VuBgEfx48gSDz
live.paloaltonetworks.com/	1970-01-21 00:46:36	Name: LithiumVisitor Value: ~2qQcWebo2GKHtbNKB~zmYrSpxFdhZSD3WQL5unHL1nOUuu4CHqv0KGDhjkvHGjsFC1NZZugMwW9KDtx4Thi2PUaU0jYGnnIRXzJfa5Uw..
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: s_ecid Value: MCMID%7C75731704478092018991565650663028289715
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: AMCV_9A531C8B532965080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19850%7CMCMID%7C75731704478092018991565650663028289715%7CMCAAMLH-1715621505%7C6%7CMCAAMB-1715621505%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1715023905s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: s_lv Value: 1715016705737
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: s_lv_s Value: First%20Visit
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: s_pv Value: live%3At5%3Athreat-vector%3Aunderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%3Ata-p%3A585372
.paloaltonetworks.com/	1970-01-20 20:59:52	Name: s_vnum Value: 1717192800738%26vn%3D1
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: s_invisit Value: true
.paloaltonetworks.com/	1970-01-20 21:06:48	Name: s_nr Value: 1715016705738-New
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_plt Value: live%3At5%3Athreat-vector%3Aunderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%3Ata-p%3A585372
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: gpv_v9 Value: live%3At5%3Athreat-vector%3Aunderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%3Ata-p%3A585372
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: s_ppn Value: live%3At5%3Athreat-vector%3Aunderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%3Ata-p%3A585372
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_ppv Value: live%253At5%253Athreat-vector%253Aunderstanding-the-midnight-eclipse-activity-and-cve-2024-3400%253Ata-p%253A585372%2C46%2C46%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.paloaltonetworks.com/	1970-01-20 20:23:38	Name: dmdbase_cdc Value: DBSET
.company-target.com/	1970-01-21 05:59:36	Name: tuuid Value: d4b81584-c8d6-4396-925c-f8e1858634d1
.company-target.com/	1970-01-21 05:59:36	Name: tuuid_lu Value: 1715016706\|ix:0\|mctv:0\|rp:0
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: _ga_KS2MELEEFC Value: GS1.1.1715016706.1.0.1715016706.60.0.0
.paloaltonetworks.com/	1970-01-21 05:59:36	Name: _ga Value: GA1.1.720558650.1715016705
.casalemedia.com/	1970-01-21 05:09:12	Name: CMID Value: ZjkUAlVbLbAAAG1SBMgA-AAA
.casalemedia.com/	1970-01-20 22:33:12	Name: CMPS Value: 3362
.casalemedia.com/	1970-01-20 22:33:12	Name: CMPRO Value: 3362
.tremorhub.com/	1970-01-21 05:09:33	Name: tvid Value: 24751e892dc640ccab2a12f21ee17370
.tremorhub.com/	1970-01-21 05:59:36	Name: tv_UIDM Value: d4b81584-c8d6-4396-925c-f8e1858634d1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://live.paloaltonetworks.com/t5/threat-vector/understanding-the-midnight-eclipse-activity-and-cve-2024-3400/ta-p/585372 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src https: wss: blob:; default-src https:; font-src https: data:; frame-ancestors https://www.paloaltonetworks.com/ https://live.paloaltonetworks.com/; img-src https: data: blob:; media-src https: blob:; script-src blob: https: 'unsafe-eval' 'unsafe-inline'; style-src https: blob: 'unsafe-inline';
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
assets.adobedtm.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
live.paloaltonetworks.com
maxcdn.bootstrapcdn.com
playlist.megaphone.fm
region1.analytics.google.com
s.company-target.com
script.hotjar.com
scripts.demandbase.com
sstats.paloaltonetworks.com
static.hotjar.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.demandbase.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.18.10.207
13.32.27.19
142.250.186.72
142.251.5.156
143.204.9.21
172.217.18.3
172.67.139.119
18.245.46.44
18.66.102.106
18.66.102.127
2001:4860:4802:34::36
2600:9000:2156:9e00:1d:8d6d:3b40:93a1
2606:4700:4400::6812:2844
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:81c::200a
2a00:1450:400c:c06::9a
2a02:26f0:480:f9d::1e80
3.160.150.38
34.72.38.16
34.96.71.22
52.212.196.90
63.140.62.222
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07bf7315882510d4cc5e732ffe1573f747fdfb70bd3131af72aa48c69910da44
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b11ed6bcd55045d479ac897493f654520adf930dfc90d2109e73596ca59ed5b
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2d11e2c9ab4e002b1f0b9cc366696f7e4f05f7bdd1ef379a2f78211b23386c4e
3576ffe86e82b17a0c85a880caf93fcb92c008d1acd6543d5a1822e2bb547c4e
372aeeb5092d7982297b8ce7a6610cb9a088f3e962748cc947b9900948d39e33
3a09a137e0ba421a5d941cc51e749454c169fd98af5523b102f4de2e7760eadb
3c3e1018713988aa47a5da58d8d3fce05f7ee76bffedabab1f4555dabeecc27e
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
443b84a880cb115734ac8b4741c4a4e6d0382c9001e88093f349e7d617bc5615
45bdb17bc257a64ec4dba2839351a7eab4a4e308639fe55679ac793f23afd2ce
4ef6697c4e02b8d303361a7b0e8f0e914a6b2fbd98b4de3577d175064706bf0c
542ba36fabffe4d3c685191820f7e72aa6847319d439f0cc1073de2222863f20
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5c3452399969cf02f257fba169e89e05497922d8b594a22871b551b42002dc77
5d967a2b624b90757d568b0219ca3a115cb7c6fd3f37ab88d606a97fd6824e19
673d2cec1d3719e9bc6bd6a4d71abe5693f545758d19b138e511c3a2b776cbc8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6da8826764163d4aba5b51219bfc2c74d0d7013ac98c69547bc9b75e2615dbb6
73f2eb3153fa5bdb350c09727d35621e7294d8c70369d398bd3055cf3af77b67
7785d249a00c8f2b99296c92289e59aa4ef4a52943aaa2a38fa696d1335336de
7c7c56d011d3a1c307c0df3055deec93f12a09a0d99953dbbccacff163dfafb9
839639d66f9ba1fa56364db43d202f98a695d85c0f8f8a7faaa705cb5a103f30
89c419f5a640b98667179040f3fc0610facdb564ab368d17c015065f24e3ee87
8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481
8c666acb22ffabb6f504067c23870928348212d362e1b819610db902d371f334
8d423e3087d443a6007c3d8bbcd62c5255fa11058d4bae90883834cd2bf99669
8e1e0e7bc9d6ff802228d806938f3545a695261df341731332a1bdc075b39aff
8ecce5ae11a225dfa5740b30a6c4e6fad1d8d99e6f0df35e70c79cddc699293b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
9a453db2435f1588b3c20cd16d049f3f8c96ebe48b0723a36e81cf97f1ea9ebd
9c1d6395615cae4aa62776a2acbe73a24819df1b1773845fa3e99fe828783961
9f3b0211b1a30ecd5868c6f0dc0c921c4d72e52ec52521d10ff4924d1feec6ba
a87eff2c5c24896c6c62b1ac93ab3da9f072ef277ac39ebd84525825a2b8d506
a8bf87e9954ff307c0ed5aff9e697455b1e6f85882d395847990883f1276ff16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
adc282672afec8c011e51d8805ff33f82a249e782abd3031e6f22d46b921b8d3
af4019ae4a0b2a2a40a290d998b0f62b0c02901c6d109c0b24ba9e085090bbe1
af62e65210fc5d2f420d2880af63655f6ea051fa5dba6bf2bd1f99630b5e5dd4
b05c1383abde3d292a0bb660a157c9153a3531931321fa092442a078ac4dc755
b0a1a9d37e7e802c15f72c107bd1e565455c049209bfbeb48c733a9a71573cef
b3808053242504d654e37fe066d1cabddd317715e96565d632cb9e35115d120b
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c9c183c8efe02b849d685a1a9b5989159335f62e89d0510162efef636d90c84e
cf29ff08d3e9354cfcfa316bb89b9f90ceb1d14a7ff6f2ca048cd8ab160ec8e0
d5ea5588bdc9452b8071ee2d0020fe68247e30e4df69cc9805f030de84899fbd
d68c87dd14a6d930bcf636725c453c33490c083be547441149fd263be8caf2f9
dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df121b41fbbbd202c00e21a470db3a5b483d273f16bac08c4b569189625c3fd6
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec948cd81adcde0966d64659c77ab6c4b4d565275e608e473afda4b9ef8db307
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f
edf1163113eae0136f1ececf4084fea19208dc3c04a959916cf649646ac42b94
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f7d80c69dbd2fbc66b658a2e726ae73dba6dcd52dd7bc80798f8a2cd0f416473

live.paloaltonetworks.com Open in urlscan Pro 3.160.150.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

40 %IPv6

17 Domains

23 Subdomains

26 IPs

5 Countries

3030 kBTransfer

8587 kBSize

41 Cookies

16 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

live.paloaltonetworks.com Open in urlscan Pro
3.160.150.38 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

40 %
IPv6

17
Domains

23
Subdomains

26
IPs

5
Countries

3030 kB
Transfer

8587 kB
Size

41
Cookies

75 HTTP transactions
2 data transactions