register.paloaltonetworks.com Open in urlscan Pro
151.101.2.133 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&u...
Submission: On November 04 via api (November 4th 2024, 1:05:46 pm UTC) from OM — Scanned from DE

Summary HTTP 74 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 74 HTTP transactions. The main IP is 151.101.2.133, located in San Francisco, United States and belongs to FASTLY, US. The main domain is register.paloaltonetworks.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 5th 2024. Valid for: a year.

This is the only time register.paloaltonetworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
6	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
5	2600:9000:235... 2600:9000:235a:da00:d:9239:1640:21	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:480... 2a02:26f0:480:f9d::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	18.66.92.124 18.66.92.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	52.217.201.40 52.217.201.40	16509 (AMAZON-02) (AMAZON-02)
1	52.72.15.253 52.72.15.253	14618 (AMAZON-AES) (AMAZON-AES)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 2	63.32.87.126 63.32.87.126	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	18.66.122.78 18.66.122.78	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f95::c3a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.28.147.84 52.28.147.84	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
74	22

12 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

register.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

frontend.cdn.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:235a:da00:d:9239:1640:21 (United States)

ASN16509 (AMAZON-02, US)

d3m889aznlr23d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f9d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.92.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-124.fra56.r.cloudfront.net

d24wuq6o951i2g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.201.40 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.15.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-15-253.compute-1.amazonaws.com

third-party-tracking-manager.services.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.87.126 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-87-126.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-78.fra60.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f95::c3a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

sstats.paloaltonetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.147.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-147-84.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cloudfront.net d3m889aznlr23d.cloudfront.net d24wuq6o951i2g.cloudfront.net	644 KB
15	paloaltonetworks.com register.paloaltonetworks.com www.paloaltonetworks.com — Cisco Umbrella Rank: 116265 sstats.paloaltonetworks.com — Cisco Umbrella Rank: 147388	915 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	199 KB
7	splashthat.com frontend.cdn.splashthat.com — Cisco Umbrella Rank: 115278 third-party-tracking-manager.services.splashthat.com — Cisco Umbrella Rank: 132335 api.splashthat.com — Cisco Umbrella Rank: 118675	588 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401 www.google.com — Cisco Umbrella Rank: 3	971 B
4	amazonaws.com s3.amazonaws.com	918 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	164 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 3901 api-js.datadome.co — Cisco Umbrella Rank: 3832	34 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	1 KB
1	gstatic.com www.gstatic.com	217 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	304 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	563 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	122 KB
74	15

	Domain	Requested by
13	d24wuq6o951i2g.cloudfront.net	register.paloaltonetworks.com
12	register.paloaltonetworks.com	register.paloaltonetworks.com
11	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org js.datadome.co
5	d3m889aznlr23d.cloudfront.net	register.paloaltonetworks.com
4	s3.amazonaws.com	register.paloaltonetworks.com
4	assets.adobedtm.com	register.paloaltonetworks.com assets.adobedtm.com
4	frontend.cdn.splashthat.com	register.paloaltonetworks.com
3	www.google.com	frontend.cdn.splashthat.com www.gstatic.com
2	api.splashthat.com	frontend.cdn.splashthat.com
2	www.paloaltonetworks.com	assets.adobedtm.com register.paloaltonetworks.com
2	dpm.demdex.net	1 redirects register.paloaltonetworks.com
1	www.gstatic.com	www.google.com
1	api-js.datadome.co	js.datadome.co
1	geolocation.onetrust.com	cdn.cookielaw.org
1	sstats.paloaltonetworks.com	assets.adobedtm.com
1	js.datadome.co	register.paloaltonetworks.com
1	www.google.de	register.paloaltonetworks.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.ads-twitter.com	assets.adobedtm.com
1	third-party-tracking-manager.services.splashthat.com	frontend.cdn.splashthat.com
1	www.googletagmanager.com	register.paloaltonetworks.com
74	22

This site contains links to these domains. Also see Links.

Domain
www.paloaltonetworks.com
www.linkedin.com
twitter.com
www.facebook.com
www.onetrust.com

Subject Issuer	Validity	Valid
register.paloaltonetworks.com Go Daddy Secure Certificate Authority - G2	`2024-04-05` - `2025-04-20`	a year	crt.sh
frontend.cdn.splashthat.com R11	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-09-18` - `2025-09-16`	a year	crt.sh
third-party-tracking-manager.services.splashthat.com R11	`2024-10-16` - `2025-01-14`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.datadome.co GandiCert	`2024-10-24` - `2025-11-24`	a year	crt.sh
*.paloaltonetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-31` - `2025-04-02`	a year	crt.sh
sstats.paloaltonetworks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-20` - `2025-08-20`	a year	crt.sh
api.splashthat.com R11	`2024-09-09` - `2024-12-08`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Frame ID: F92C82133F441598A195CE226E256FF2
Requests: 70 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9yZWdpc3Rlci5wYWxvYWx0b25ldHdvcmtzLmNvbTo0NDM.&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=8jebqrz3w11o
Frame ID: 455DC87FCF691259F0F8EA1C47D6FD82
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4
Frame ID: 09C797E7E5B6D744B7B76F4D489C6F50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hands-On Investigation & Threat Hunting Workshop

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

74
Requests

96 %
HTTPS

38 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

3819 kB
Transfer

11101 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paloaltonetworks.com/legal-notices/terms-of-use
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal-notices/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/palo-alto-networks?utm_source=marketo

Search URL Search Domain Scan URL

URL: https://twitter.com/PaloAltoNtwks?utm_source=marketo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PaloAltoNetworks/?utm_source=marketo

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal-notices/privacy?utm_source=marketo
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/company/contact-us.html?utm_source=marketo
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/legal-notices/terms-of-use?utm_source=marketo
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hands-oninvestigationthreathuntingworkshop67126a29 Show response
register.paloaltonetworks.com/ 495 KB
70 KB 859ms
798ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18968dce75ba42b30e3bf5761003a6e3d2b2c81c854d9e94f9fbb222eeefc9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 71000
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 13:05:39 GMT
fastly-restarts: 1
origin-agent-cluster: ?0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-datadome: protected
x-served-by: cache-fra-etou8220043-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
x-timer: S1730725538.435637,VS0,VE778
x-xss-protection: 1; mode=block

GET
H2 200 tuning-fork-redirect.38ebb85460646b2e472e.js Show response
frontend.cdn.splashthat.com/build/standalone/ 47 KB
14 KB 86ms
21ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/tuning-fork-redirect.38ebb85460646b2e472e.js

Requested by

Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0219cf1724380331659324569cbf02f0032eedead5a0fb5bf39e2bd0cd28832

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
etag: "71c8555d4cd8c63c746a1105767c460b"
x-amz-version-id: 1UyM3CEGAypRqs3xspmxRIE41iH3OMOa
age: 6201
x-cache: HIT
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 09 Sep 2024 06:40:23 GMT
x-served-by: cache-fra-etou8220130-FRA
x-cache-hits: 5
content-type: text/javascript
x-amz-id-2: gGeSLlygmMEM/bJ9ud9bG3Zerbw/D2KeU7D3JcHO4HxgLSktDnx4yTXkm4FkYKaV6Aex1B9N9v0=
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: Cache-Control: public, max-age=31536000, immutable
x-timer: S1730725539.378674,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
x-amz-request-id: XAH94HZ0C6EYD7AM
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14562
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 splash-page.a7903d3c5d3b7c37b079.css
frontend.cdn.splashthat.com/build/standalone/ 98 KB
12 KB 85ms
20ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/splash-page.a7903d3c5d3b7c37b079.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

388e59cb1d7c6846908a93fc161602601a00b971d4f8c61b980a8c2b8c52ef48

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
etag: "12f9228f96fffa3180a5cc685705e296"
x-amz-version-id: 7unqFE09dfe9ooVO.ni7GLUfMh4wncDr
age: 20688
x-cache: HIT
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 09 Sep 2024 06:40:23 GMT
x-served-by: cache-fra-etou8220130-FRA
x-cache-hits: 47
content-type: text/css
x-amz-id-2: ufDMWwEZvP0zz+hziPXhMTRBZDNiwzMrT+UdzCQ9poC6+K8Ff+uFpM3t0dgowbm0tyfyHuAB0xY=
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: Cache-Control: public, max-age=31536000, immutable
x-timer: S1730725539.378499,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
x-amz-request-id: XAH1Q2JGHHTKRRR8
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12013
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 shared-vendor.bundle.css
register.paloaltonetworks.com/css/dist/ 149 KB
29 KB 53ms
51ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/css/dist/shared-vendor.bundle.css?_v=838cfbe01e1ba021a954022fb3febd1d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

077323503aeb1ebec0d69ad1c205b39e02704dbe6e71fb5e2efed2767077323f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-253c0"
age: 281052
expires: Fri, 08 Nov 2024 06:34:32 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
content-type: text/css
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230118-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725539.346812,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 29788
origin-agent-cluster: ?0

GET
H2 200 shared.bundle.css
register.paloaltonetworks.com/css/dist/ 393 KB
78 KB 55ms
53ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/css/dist/shared.bundle.css?_v=98a8e2aff66ffeaa9369965874d8b759

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f701084a8f1bd51f3722021e8afce775881e7722dccea63fe7665294d506e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-62362"
age: 528541
expires: Tue, 29 Oct 2024 10:10:10 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
content-type: text/css
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230032-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725539.346609,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 79273
origin-agent-cluster: ?0

GET
H2 200 cms-page-preview.bundle.css
register.paloaltonetworks.com/css/dist/ 967 B
629 B 60ms
58ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/css/dist/cms-page-preview.bundle.css?_v=ae66e31f4433d2eefeb05fc52329d414

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c8a80b5a25ba6c81d389714f5070c89b46702ecbe02b62dc9de0d5f25e41d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-3c7"
age: 188427
expires: Sat, 09 Nov 2024 07:08:16 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
content-type: text/css
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230153-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725539.346796,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 378
origin-agent-cluster: ?0

GET
H2 200 baseLibs.bundle.js Show response
register.paloaltonetworks.com/lgcy/ 1 MB
263 KB 61ms
59ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/baseLibs.bundle.js?_v=425ebeee0cad4263d077787d34c722bb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ad03e4d956f477929bf3090546fae8271b16dfe54f2bc6ad017986d889811b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5f09-1547d9"
age: 353638
expires: Thu, 07 Nov 2024 10:37:12 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:12:25 GMT
content-type: application/javascript; charset=utf-8
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230067-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725539.346642,VS0,VE5
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 269194
origin-agent-cluster: ?0

GET
H2 200 thirdPartyTrackerTriggers.bundle.js Show response
register.paloaltonetworks.com/lgcy/ 1 KB
886 B 52ms
50ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/thirdPartyTrackerTriggers.bundle.js?_v=4c923788ef784ccfc90abbf1e4ffb69c

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f68ed97448a5c4917df50a7569319d0fe459c689454de78332220771c4adc1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5ee5-5b7"
age: 464903
expires: Tue, 29 Oct 2024 23:26:43 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:11:49 GMT
content-type: application/javascript; charset=utf-8
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725539.346590,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 620
origin-agent-cluster: ?0

GET
H2 200 20240502.021646.custom.css
d3m889aznlr23d.cloudfront.net/themes/1219911/ 1 KB
948 B 88ms
14ms Stylesheet
text/css 2600:9000:235a:da00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3m889aznlr23d.cloudfront.net/themes/1219911/20240502.021646.custom.css
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:da00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 814d26b16a5d09e519899741b81c8036d8e578044230564c10ddf941a672796e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
x-amz-version-id: null
etag: W/"6bf92d4ae87ab3fa15fe5bfb8e0bb9df"
age: 3719
x-cache: Hit from cloudfront
x-amz-cf-id: kCO5uetLHmETgkuVF8u4TkTXeLTdjJPCDT3Vb8FteqQn8agFWIL-Fw==
date: Mon, 04 Nov 2024 12:03:41 GMT
content-type: text/css
vary: accept-encoding
last-modified: Thu, 02 May 2024 06:16:47 GMT
cache-control: max-age=25920000
cross-origin-resource-policy: cross-origin
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 launch-425c423d843b.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/ 632 KB
148 KB 138ms
10ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

cc466d698919a654ba74f40cdd7143a27a50eed4f45a93d72b58525300a7570f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "3f908c5746c0c4d9bc7d04254cf0e06a:1730191618.62699"
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 14:05:39 GMT
accept-ranges: bytes
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 151432
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 08:46:58 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H/1.1 200
OK bda.panLogo.png
d24wuq6o951i2g.cloudfront.net/img/events/id/457/457494375/assets/ 10 KB
11 KB 85ms
22ms Image
image/png 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/457/457494375/assets/bda.panLogo.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15cd84ac41f741f2d923779a27e15503cae4fab8b96eb0ecafdbd192f6d3b374

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

ETag: "da89cc326114b9edae1a2b8fd86c43bc"
x-amz-version-id: null
Age: 3865668
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: BhFMIXxDHCsBkbj1y4keiYmLbGeDVMtH_Ly2D7HM72O-yoeQHVU8Pg==
Date: Fri, 20 Sep 2024 19:17:52 GMT
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2022 04:11:17 GMT
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 10601
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 5070b33cd5c0de2c6664a92a1aeb1372.30ed0482df08d7e5d2e26cb330eb5927.logo.png
d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/ 1 KB
2 KB 88ms
15ms Image
image/png 2600:9000:235a:da00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/5070b33cd5c0de2c6664a92a1aeb1372.30ed0482df08d7e5d2e26cb330eb5927.logo.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:da00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c96b719bf19b437273cc70090f5f640e3575b46630803832e9aaa63a5fbb7d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-amz-version-id: null
etag: "91ca882dea06c9cd92936c2c8da75fce"
age: 3717
x-cache: Hit from cloudfront
x-amz-cf-id: r7ylRn0xYX9mUIHspXzLoiXUGKKiOqspbBX5jshnDn1miB_tKhO3Lg==
date: Mon, 04 Nov 2024 12:03:43 GMT
content-type: image/png
last-modified: Fri, 11 Aug 2023 03:15:22 GMT
cache-control: max-age=25920000
cross-origin-resource-policy: cross-origin
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1476
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 458a56cd4cdaf85475d8315ccb6d3b87.Parent_Lockup_Cortex_reversed.png
d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/ 67 KB
68 KB 18ms
12ms Image
image/png 2600:9000:235a:da00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/458a56cd4cdaf85475d8315ccb6d3b87.Parent_Lockup_Cortex_reversed.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:da00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d5b44f309f9c0c7d1b9f409e34037873a7c8a42388e456f0894231b45503112

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-amz-version-id: null
etag: "af52c5210a902e9cfcdfb890c687fe82"
age: 3717
x-cache: Hit from cloudfront
x-amz-cf-id: iSDAvIwnNU9KBxTo0jlXMVih6h6j5JKx1TTqYTwM4i_VhDs8jZ6zBA==
date: Mon, 04 Nov 2024 12:03:43 GMT
content-type: image/png
last-modified: Fri, 22 Dec 2023 09:29:03 GMT
cache-control: max-age=25920000
cross-origin-resource-policy: cross-origin
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 68859
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 b86e8f1d5037c4adec78d76565aedcf1.PANW_Parent_Logo_White.png
d3m889aznlr23d.cloudfront.net/img/events/id/458/458723287/assets/ 26 KB
26 KB 27ms
24ms Image
image/png 2600:9000:235a:da00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3m889aznlr23d.cloudfront.net/img/events/id/458/458723287/assets/b86e8f1d5037c4adec78d76565aedcf1.PANW_Parent_Logo_White.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:da00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73b8626eb05dbf69909b99e5c8c8197b4c7bbb871a2b704c445d652f04818170

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-amz-version-id: null
etag: "721f0a0dcd3e662686906a4a009238db"
age: 3992447
x-cache: Hit from cloudfront
x-amz-cf-id: LBaZlt_X6SyY9_A_tL1K5T41ggEIamVjtU46LibMQ8aWlKHBYRqNsA==
date: Thu, 19 Sep 2024 08:04:53 GMT
content-type: image/png
last-modified: Wed, 07 Jun 2023 05:53:19 GMT
cache-control: max-age=25920000
cross-origin-resource-policy: cross-origin
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 26329
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 363f56cba4267b0440f1caa5a7510bab.Speaker-fpo.png
d24wuq6o951i2g.cloudfront.net/img/events/id/458/458019447/assets/ 7 KB
8 KB 15ms
13ms Image
image/png 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/458/458019447/assets/363f56cba4267b0440f1caa5a7510bab.Speaker-fpo.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0466f40117162e14168e5c7f4dc74e0b8f52fe510f6855d36ced41e0ba0787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

ETag: "8b3270255a87df0c8680502fc58ad4bf"
x-amz-version-id: null
Age: 16352557
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xv0SSZhi849QhljELBx1o6R5WtBdOD2WdOHJ2hl_ry1qSuM5F1tAKg==
Date: Mon, 29 Apr 2024 06:43:03 GMT
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2022 04:43:10 GMT
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 7584
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 370 KB
122 KB 197ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MJML5FZQ80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b8e7e43e1fb18c0c9e1b7c051da53a2da4f04900dae7cb40a3b157ffc785c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 13:05:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123874
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK google-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 1 KB
1 KB 14ms
10ms Image
image/svg+xml 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/google-icon.svg
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d9831d621296d3c12a4976576e9cebe816b549ef516b33ecdbd11d3e39da25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

Content-Encoding: gzip
ETag: W/"8b4fe373e7821d08a76956db55c22f3f"
x-amz-version-id: null
Age: 5185526
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: r_CDMuSo9dF2hieHSd-ZXm3JPvszcysuLXXQIJNPG1Eg3JqiaHv_Bw==
Date: Thu, 05 Sep 2024 12:40:14 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Last-Modified: Wed, 15 Feb 2023 22:51:06 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK outlook-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 2 KB
2 KB 31ms
14ms Image
image/svg+xml 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/outlook-icon.svg
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8dbd8021424c9f3069bd131360bb5f7e6421c4039fd284f750978cc4cc557aad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

Content-Encoding: gzip
ETag: W/"2f44b4eee1715ea6e3b2adfd94ec194d"
x-amz-version-id: null
Age: 4092464
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: iNb77d-Hvy8dvMcMOmlmTtOVtAu8jLL-g40jPZxWc1Bbqp19vRL0sg==
Date: Wed, 18 Sep 2024 04:17:55 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Last-Modified: Wed, 15 Feb 2023 22:51:30 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK apple-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 1 KB
1 KB 35ms
16ms Image
image/svg+xml 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/apple-icon.svg
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3179f4e154e785ff1de37f634d3ceaba3bf116bef703bb2709b6e11b76c6a5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

Content-Encoding: gzip
ETag: W/"ed7d2afe5ef9d61fafb2ecb4a64d357a"
x-amz-version-id: null
Age: 5721093
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: TExG90-TsjdST_hUM2T_Fj98ZI9y8AoZRKgXgIdR3NppMsxqslK8oA==
Date: Fri, 30 Aug 2024 07:54:07 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Last-Modified: Wed, 15 Feb 2023 22:52:48 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK yahoo-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 544 B
1 KB 48ms
22ms Image
image/svg+xml 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/yahoo-icon.svg
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9dc0974276e9c5a4349969060086d62f56f3eb18b0c3efb45c415fd9efeacd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

ETag: "5a8e113e7198ab2c7f0c40bac5f96da0"
x-amz-version-id: null
Age: 5321506
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: MtA5TIoILUe4NeEKuUV2wZMZyBctxQN6ZKXfbr50JC12sSRBvQ5KuQ==
Date: Tue, 03 Sep 2024 22:53:54 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 15 Feb 2023 22:53:35 GMT
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 544
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 third-party-tracking-manager.edb5d3d2dc9d83c31be7.js Show response
frontend.cdn.splashthat.com/build/standalone/ 135 KB
43 KB 9ms
7ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.edb5d3d2dc9d83c31be7.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d63467b16b6a31d8d16c874dad12a716af9ef7399d9aeba93b758b88c60fde0e

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
etag: "46cfaec19052e2a020720c18e9f5f9b0"
x-amz-version-id: _cuHhmsPmU3GEWRq.mPrdTNySAqLuNUw
age: 16540
x-cache: HIT
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 07 Oct 2024 06:37:32 GMT
x-served-by: cache-fra-etou8220130-FRA
x-cache-hits: 38
content-type: text/javascript
x-amz-id-2: +yN8qOxWfxUA26XFnTREVymw1AzKKIbrey6xEC44AdCpcKx1Gwlo89oxPask7etoWuKP+p11ht4=
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: Cache-Control: public, max-age=31536000, immutable
x-timer: S1730725539.473582,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
x-amz-request-id: C7BRGRM0BSMTXDST
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44046
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 splash-page.c3b767e17512f1ab185b.js Show response
frontend.cdn.splashthat.com/build/standalone/ 2 MB
482 KB 17ms
16ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/splash-page.c3b767e17512f1ab185b.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac75272635b5ab0e7ccc23f6c5f2b1e116a150315d72e152479a0e9494f58927

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
etag: "f81a6b1e48a62ebbaf219a5dc3588c35"
x-amz-version-id: 6bC8dBo_JhqiQ1LJ3W.73ZshzpSP_gfN
age: 6731
x-cache: HIT
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 28 Oct 2024 06:38:53 GMT
x-served-by: cache-fra-etou8220130-FRA
x-cache-hits: 2
content-type: text/javascript
x-amz-id-2: zSGU2gCH3R9QB0YBBcoHQx1ap+0NXzM6deotrfitymKikr919U2s6iuPUL9APpK2Nul3FbpcJY0=
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: Cache-Control: public, max-age=31536000, immutable
x-timer: S1730725540.536721,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
x-amz-request-id: RFV6N1GQT1RPRF8R
accept-ranges: bytes
access-control-allow-origin: *
content-length: 493179
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 baseLibs.js Show response
register.paloaltonetworks.com/lgcy/ 58 KB
18 KB 25ms
12ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/baseLibs.js?_v=388792897ce5bab039dacb654c450edb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6202b3772ad64771970f2db71bf1f15b29a9835cd6efe572126542edc0615a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-e9d7"
age: 459544
expires: Wed, 30 Oct 2024 04:45:45 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-etou8220052-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554180,VS0,VE2
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 18122
origin-agent-cluster: ?0

GET
H2 200 sui.bundle.js Show response
register.paloaltonetworks.com/lgcy/ 371 KB
98 KB 30ms
17ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/sui.bundle.js?_v=02dd2016ac98b698fe576b6a3c9f82bb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2187eef14afa40b4f38c92fd2b33e4b0e00678ead886d4ae732038decc1f375d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5f1a-5cd36"
age: 372630
expires: Thu, 07 Nov 2024 03:43:45 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 18:12:42 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230127-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554267,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 99828
origin-agent-cluster: ?0

GET
H2 200 legacySui.js Show response
register.paloaltonetworks.com/lgcy/ 15 KB
5 KB 64ms
51ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/legacySui.js?_v=bcb249dc7a8407781a3d64966f1c0cec

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23d692ce8542baf7661710f69ce7e6c4b8e3e2a9e36af5c4f2907f4202add42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-3ccd"
age: 540855
expires: Tue, 05 Nov 2024 06:26:14 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
content-type: application/javascript; charset=utf-8
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230131-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554111,VS0,VE10
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4800
origin-agent-cluster: ?0

GET
H2 200 cmsShared.js Show response
register.paloaltonetworks.com/lgcy/ 74 KB
23 KB 27ms
14ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/cmsShared.js?_v=16cf8233e8421cf4c985167156d5708c

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39f480b809b1598b19e424f085b716bfc7648251d1f405b8f5ad74df072be802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5e04-126ba"
age: 340031
expires: Thu, 07 Nov 2024 14:32:15 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
last-modified: Mon, 14 Oct 2024 18:08:04 GMT
content-type: application/javascript; charset=utf-8
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-etou8220155-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554289,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 23300
origin-agent-cluster: ?0

GET
H2 200 cmsShared.bundle.js Show response
register.paloaltonetworks.com/lgcy/ 52 KB
20 KB 24ms
12ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/cmsShared.bundle.js?_v=8648e03209af73ed6915f0f256cc13c9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd158ceeeb440d6ba2efdd9ec9c6f88a1af0c6799c9cbbbc0b6115148ee43282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5f0d-d1a7"
age: 122147
expires: Sun, 10 Nov 2024 01:46:20 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 18:12:29 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554060,VS0,VE4
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 20381
origin-agent-cluster: ?0

GET
H2 200 cmsPagePreview.bundle.js Show response
register.paloaltonetworks.com/lgcy/ 2 MB
305 KB 40ms
27ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://register.paloaltonetworks.com/lgcy/cmsPagePreview.bundle.js?_v=7d9fb06067ae405ea7e189b27bb05588

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

19555dd671a3336043eb706eeae51c4815b098dff4ab99f756ec2065df080c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04

Response headers

content-encoding: gzip
etag: W/"670d5f29-18134b"
age: 106516
expires: Sun, 10 Nov 2024 07:15:02 GMT
x-cache: MISS, HIT, MISS
date: Mon, 04 Nov 2024 13:05:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 18:12:57 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-fra-eddf8230145-FRA, cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=604800, public
pragma: public
x-timer: S1730725540.554236,VS0,VE5
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 311373
origin-agent-cluster: ?0

GET
H2 200 936b5e03a7583a1f271ad5b2d7daf3ca.705bb6dd1a7ad35defcdd8ed0307fb53.Cortex_XDR_Virtual_HOW_Splash_1920x600.jpg
d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/ 90 KB
91 KB 22ms
14ms Image
image/jpeg 2600:9000:235a:da00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3m889aznlr23d.cloudfront.net/img/events/id/458/458104385/assets/936b5e03a7583a1f271ad5b2d7daf3ca.705bb6dd1a7ad35defcdd8ed0307fb53.Cortex_XDR_Virtual_HOW_Splash_1920x600.jpg
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:da00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66ff45b1ee02eeafa25aed60fc8b1667ce39e3cb66bc049f0127359909f969d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-amz-version-id: null
etag: "8f09413d3f0ceafaa4fed2cf01fc98ac"
age: 3707
x-cache: Hit from cloudfront
x-amz-cf-id: gN2nvW4I7Ciie0YLcX-RThKkwn8mLnmM5D9jXXPcyv-c9IPk-cV-eg==
date: Mon, 04 Nov 2024 12:03:53 GMT
content-type: image/jpeg
last-modified: Fri, 04 Aug 2023 04:43:07 GMT
cache-control: max-age=25920000
cross-origin-resource-policy: cross-origin
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 92350
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK TT-Hoves-Medium.otf
s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/ 195 KB
196 KB 619ms
180ms Font
font/otf 52.217.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/TT-Hoves-Medium.otf
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.201.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21e33f608138cc95dc3719ad8ab25a52feddf3e8419c8c80cc6364def42786e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "ecac2e25c539f5a22d7cb6fa41cf3657"
x-amz-version-id: null
Access-Control-Allow-Methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
Date: Mon, 04 Nov 2024 13:05:41 GMT
Last-Modified: Fri, 15 Dec 2023 06:13:38 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: font/otf
x-amz-id-2: VCmgdb2rz6HuI4XjTwqnAdpjT4nsmvjxy22MvV89ClxPpjJsxDhEZ8FEeYZwBzaJKUpqERe5esE=
Cache-Control: max-age=25920000
x-amz-request-id: 11DGTECRGPFWRXY2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 199728
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK TT-Hoves-Bold.otf
s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/ 197 KB
198 KB 632ms
193ms Font
font/otf 52.217.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/TT-Hoves-Bold.otf
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.201.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f59d6cb8aa9db5245ad133059ea2b87d3fcdffe6b7dd526741192b9619f2f207

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "6ee5260b774f5c4035e3cba9bba28b8a"
x-amz-version-id: null
Access-Control-Allow-Methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
Date: Mon, 04 Nov 2024 13:05:41 GMT
Last-Modified: Fri, 15 Dec 2023 06:13:12 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: font/otf
x-amz-id-2: LVvfEFPed+E08gOOp4Oo+NrSa/tEDawSeirJ27v0NOLfKYzwOVwF6hI6INDyK9cdqDkebujiFNg=
Cache-Control: max-age=25920000
x-amz-request-id: 11DK5FDFFWJP27QA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 201592
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK FF-Celeste-Pro-Book.otf
s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/ 112 KB
112 KB 615ms
177ms Font
font/otf 52.217.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/458/458104385/fonts/FF-Celeste-Pro-Book.otf
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.201.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a72d7a2f767fb7f1a5c913b5616757519ee7491ce31578a7fa659f9c79e88261

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "1c32b82a498f3a49f1caaa7365797c35"
x-amz-version-id: null
Access-Control-Allow-Methods: GET
Date: Mon, 04 Nov 2024 13:05:41 GMT
Last-Modified: Fri, 15 Dec 2023 06:12:39 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: font/otf
x-amz-id-2: t4bu/7a8ziE8wZopHSy0bWdpU3fM6KFrhUdowfCENjDh1ncUx+rsA49UcfAUnjSmZrZJAAReKX4=
Cache-Control: max-age=25920000
x-amz-request-id: 11DZ2M3HMM8ETK3Z
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 114352
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Lato-Regular.woff2
d24wuq6o951i2g.cloudfront.net/assets/fonts/ 178 KB
179 KB 48ms
13ms Font
binary/octet-stream 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/assets/fonts/Lato-Regular.woff2
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/css/dist/shared-vendor.bundle.css?_v=838cfbe01e1ba021a954022fb3febd1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "bd03a2cc277bbbc338d464e679fe9942"
x-amz-version-id: null
Age: 27346629
Access-Control-Allow-Methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: iyDGNoUOLqclvntXDrUtClFT5PxFfuGDsiAhoQmJ04XTbaksZEooJA==
Date: Sun, 24 Dec 2023 00:48:31 GMT
Content-Type: binary/octet-stream
Vary: Origin
Last-Modified: Wed, 29 Jun 2022 00:40:39 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 182708
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK burst-tile.png
d24wuq6o951i2g.cloudfront.net/images/ 1 KB
2 KB 24ms
19ms Image
image/png 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/images/burst-tile.png
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/css/dist/shared.bundle.css?_v=98a8e2aff66ffeaa9369965874d8b759
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a57a36856843347c611be4f82a4de24be9a90afc16cb8ac74e5824a111d78c17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-amz-version-id: null
ETag: "eef11983c51c237e2e687e1559b749b2"
Age: 5321506
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: bCcU19MdXXAWGVwsohcfXrG2l1LiJYKtwkPusLzwfVevYDRwKimyvg==
Date: Tue, 03 Sep 2024 22:53:54 GMT
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2022 00:40:41 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1048
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Lato-Bold.woff2
d24wuq6o951i2g.cloudfront.net/assets/fonts/ 181 KB
181 KB 50ms
26ms Font
binary/octet-stream 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/assets/fonts/Lato-Bold.woff2
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/css/dist/shared-vendor.bundle.css?_v=838cfbe01e1ba021a954022fb3febd1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "cccb897485813c7c256901dbca54ecf2"
x-amz-version-id: null
Age: 4190466
Access-Control-Allow-Methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: CmR5wyZv32A4q8QUdsSWHjQmGEjqbZar4PoGYVe5fyw60Bf7BHDWpA==
Date: Tue, 17 Sep 2024 01:04:34 GMT
Content-Type: binary/octet-stream
Vary: Origin
Last-Modified: Wed, 29 Jun 2022 00:40:38 GMT
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 184912
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK kohtello-23f42e200a1f00e12a32f8b5a7087049.woff2
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 48 KB
49 KB 43ms
20ms Font
binary/octet-stream 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/kohtello-23f42e200a1f00e12a32f8b5a7087049.woff2
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/css/dist/shared-vendor.bundle.css?_v=838cfbe01e1ba021a954022fb3febd1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78b5b4f743f983fa9a4d19c8e788de058c8404f0a23698a298f78d77555a6708

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "a2321a0222c3b5c3cb90f111af8e5ad4"
x-amz-version-id: null
Age: 5095957
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: XqjJfbqoTvKN1tXnvUq9GRtHCVTJN5frEdRvIeriKfjzGPX5JiC_rg==
Date: Fri, 06 Sep 2024 13:33:03 GMT
Content-Type: binary/octet-stream
Vary: Origin
Last-Modified: Fri, 30 Aug 2024 03:02:55 GMT
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 49012
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Arial.ttf.woff
s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/457/457494375/fonts/ 412 KB
413 KB 585ms
178ms Font
application/font-woff 52.217.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/s3.clients.splashthat.com/img/events/id/457/457494375/fonts/Arial.ttf.woff
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.201.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c868a99b459823528d45f7d8601f7151cc59120ca72dbff2e02e64a7f1bb8fa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "3ce26a5b477b48c69ed3e30db7f4e855"
x-amz-version-id: null
Access-Control-Allow-Methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
Date: Mon, 04 Nov 2024 13:05:41 GMT
Last-Modified: Wed, 29 Jun 2022 04:11:16 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: application/font-woff
x-amz-id-2: zu+iTbKScXfWtgmWPOrunIksgXs7Xc5RauQQFmSiW2tVqwqQyQr1j2cDsah36+eDehJZIv4awkA=
Cache-Control: max-age=25920000
x-amz-request-id: 11DM9VW4HMYKXHA5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 421820
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK trackers Show response
third-party-tracking-manager.services.splashthat.com/api/v1/events/459075697/ 46 B
411 B 410ms
98ms XHR
application/json 52.72.15.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://third-party-tracking-manager.services.splashthat.com/api/v1/events/459075697/trackers

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.edb5d3d2dc9d83c31be7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.72.15.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-15-253.compute-1.amazonaws.com

Software

Resource Hash

1b40c724e90a7051e0289d0a1680c199f056c40f471712ea2c7f4bc88e8c3290

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://register.paloaltonetworks.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
ETag: W/"2e-NeRJmZctjDoWfknMu5ylh9NQXl4"
Connection: keep-alive
Via: kong/3.4.2
X-Kong-Upstream-Latency: 3
Access-Control-Allow-Origin: *
Content-Length: 46
Date: Mon, 04 Nov 2024 13:05:40 GMT
X-Kong-Proxy-Latency: 0
Content-Type: application/json; charset=utf-8

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 135ms
13ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Mon, 04 Nov 2024 13:05:40 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 00:10:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000084-IAD, cache-fra-etou8220138-FRA
x-amz-server-side-encryption: AES256

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142

217 B
820 B

36ms
34ms

XHR
application/json

63.32.87.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142

Requested by

Protocol

Server

63.32.87.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-87-126.eu-west-1.compute.amazonaws.com

Software

Resource Hash

231c26a5c8b00d30d0a4345817cec3109073e68e76fad8ff906595b9246b1977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v067-0b92b87f3.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: rZy0gu40Qgc=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 208
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730725540142
dcs: dcs-prod-irl1-1-v067-075345a65.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: npraqjMaQ84=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 04 Nov 2024 13:05:40 GMT
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 35 KB
13 KB 68ms
67ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "d8232f86c8016a8e0acaa7ecfdf72b3e:1722493571.189276"
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 14:05:40 GMT
accept-ranges: bytes
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 13012
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 3 KB
2 KB 49ms
49ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "bb4b6453e3ab80111a2b227318d22efb:1722493571.614634"
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 14:05:40 GMT
accept-ranges: bytes
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 1597
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 129ms
24ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCFAE4A54821C4
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 33663
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 02:18:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e6162d8b-a01e-00e4-3b43-2d8080000000
cf-ray: 8dd4d12299631cbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 54ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MJML5FZQ80&gtm=45je4au0v9117422058za200&_p=1730725539580&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=2043343296.1730725540&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=hands-oninvestigationthreathuntingworkshop67126a29.splashthat.com&sid=1730725540&sct=1&seg=0&dt=Hands-On%20Investigation%20%26%20Threat%20Hunting%20Workshop&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.splash_event_id=459075697&tfd=1905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MJML5FZQ80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://register.paloaltonetworks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
563 B 76ms
19ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MJML5FZQ80&cid=2043343296.1730725540&gtm=45je4au0v9117422058za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MJML5FZQ80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://register.paloaltonetworks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 114ms
75ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MJML5FZQ80&cid=2043343296.1730725540&gtm=45je4au0v9117422058za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=1175942457

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 04 Nov 2024 13:05:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tags.js Show response
js.datadome.co/ 168 KB
33 KB 61ms
8ms Script
text/javascript 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-78.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: br
x-amz-version-id: 3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
etag: W/"86b848e45746db7159d1fbb589ce0f3f"
age: 2676
x-cache: Hit from cloudfront
x-amz-cf-id: PS05pYGDBm6rS0o9LVEhEV5nXMVHy4q8R_kKM3I5GBW7ptHKbOTAvA==
date: Mon, 04 Nov 2024 12:21:05 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Thu, 17 Oct 2024 12:43:13 GMT
strict-transport-security: max-age=15768000
cache-control: max-age=3600, public
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 8380accb-00d6-4b05-90ec-6d405f7310d6.json Show response
cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/ 6 KB
2 KB 65ms
44ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/8380accb-00d6-4b05-90ec-6d405f7310d6.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb553f40c9e6dc7c36c0224ea7d628ef44143002e9bdb0efba72655ad4b8affe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: 1tCk2UGK5Hg0oWGVxSWqCw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE1149105676A
age: 19836
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 05 Nov 2024 13:05:40 GMT
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/json
last-modified: Mon, 30 Sep 2024 05:56:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 58a82a5a-001e-000c-0e4c-267d7b000000
cf-ray: 8dd4d12468436925-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1841
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 event_attribution.js Show response
www.paloaltonetworks.com/content/dam/pan/en_US/includes/ 4 KB
1 KB 108ms
40ms Script
application/javascript 2a02:26f0:480:f95::c3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/event_attribution.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f95::c3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

22f3182f4cd9e391e4365a8c954b1a74f93549d9e7be63c1e4ff341586641245

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-robots-tag: noindex
content-encoding: br
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 13:05:40 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1730725540573_34911065_168612093_283_6669_6_27_146";dur=1
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 06:51:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none'
cache-control: max-age=259200
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1037
server: Akamai Resource Optimizer

GET
H2 200 id Show response
sstats.paloaltonetworks.com/ 48 B
480 B 137ms
22ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.paloaltonetworks.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=9A531C8B532965080A490D4D%40AdobeOrg&mid=67081738194801963840059673367680014658&ts=1730725540530

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

f116d1acc5da769e8c151c715f2694f79a95c91498472a8d155dc2afe69f9c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://register.paloaltonetworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://register.paloaltonetworks.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Mon, 04 Nov 2024 13:05:40 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

OPTIONS
H2 200 form
api.splashthat.com/public/event/459075697/ Frame 0
0 639ms
384ms Preflight 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.splashthat.com/public/event/459075697/form

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

kong/3.4.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-max-age,x-splash-private-hash
Access-Control-Request-Method: GET
Origin: https://register.paloaltonetworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: access-control-max-age,x-splash-private-hash
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 04 Nov 2024 13:05:41 GMT
server: kong/3.4.2
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-kong-response-latency: 0
x-served-by: cache-fra-etou8220039-FRA, cache-fra-etou8220110-FRA
x-timer: S1730725541.923526,VS0,VE371

GET
H2 200 form Show response
api.splashthat.com/public/event/459075697/ 35 KB
35 KB 253ms
252ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.splashthat.com/public/event/459075697/form

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.c3b767e17512f1ab185b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ec1312525aca4397e20375368311ce80b02ae0aec25a48865bb7973e2c3f2100

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Max-Age: 3600
X-Splash-Private-Hash: 4f870ef62244707aa3ce97bfc24ba6ced40f542c
Referer: https://register.paloaltonetworks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json

Response headers

ratelimit-remaining: 4999
ratelimit-reset: 1
x-content-type-options: nosniff
x-ratelimit-limit-second: 5000
x-kong-proxy-latency: 1
x-cache: MISS, MISS
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230135-FRA, cache-fra-etou8220110-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
x-timer: S1730725541.310999,VS0,VE240
x-ratelimit-remaining-second: 4999
ratelimit-limit: 5000
via: kong/3.4.2, 1.1 varnish, 1.1 varnish
allow: GET
accept-ranges: bytes
access-control-allow-origin: *
x-kong-upstream-latency: 37
x-xss-protection: 1; mode=block
server: nginx

GET
H/1.1 200
OK mapbox-styles.css
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 41 KB
13 KB 29ms
28ms Stylesheet
text/css 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/mapbox-styles.css
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f125b7633bf1dd3b9cb333af71341748cec8bcb21210ce5722b36c631f635e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

Content-Encoding: gzip
ETag: W/"94dac7332276d71da0552155517a5268"
x-amz-version-id: null
Age: 7654115
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: u3ICiXUz2cwnWeoC7UuGMyIkKFIc7liY9UYK-VqNAh7eCzBAce4f8A==
Date: Wed, 07 Aug 2024 22:57:06 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 02:02:08 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK jquery-ui-smooth.css
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 31 KB
7 KB 25ms
25ms Stylesheet
text/css 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/jquery-ui-smooth.css
Requested by: Host: register.paloaltonetworks.com
URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4f2876a599f90a2bd52fe770b5f00b070fedfb085f4e2d49b170248ae54a723

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

Content-Encoding: gzip
ETag: W/"29115555d9d54f1031eb8c6b2b18ffaf"
x-amz-version-id: null
Age: 9120887
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: eqW0eiKcm-U7QTuxy7FTUHrmfK81wFlcANRTLShCEru9R-Xt4m-ubg==
Date: Sun, 21 Jul 2024 23:30:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 02:02:08 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 220ms
29ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://register.paloaltonetworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8dd4d126e9773675-FRA
access-control-allow-origin: *
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 regletlite.js Show response
www.paloaltonetworks.com/content/dam/pan/en_US/includes/ 20 KB
3 KB 37ms
37ms Script
application/javascript 2a02:26f0:480:f95::c3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/regletlite.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f95::c3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7b950e3a7338a8de6a9d98343de4123de85b3974abe810f6b16216cf10881e68

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

x-robots-tag: noindex
content-encoding: br
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 13:05:40 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730725540832_34911065_168613118_65_6979_9_0_146";dur=1
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 14:10:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none'
cache-control: max-age=259200
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2731
server: Akamai Resource Optimizer

GET 7cd56e90-25f3-4284-84fa-7f3ff5eec586
https://register.paloaltonetworks.com/ Frame 0
0

GET
H2 200 RCaf2d132868604f5ca4e6652f60ab6dee-source.min.js Show response
assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/9253cfdec419/ 1 KB
843 B 25ms
25ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/9253cfdec419/RCaf2d132868604f5ca4e6652f60ab6dee-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/0d76ae0322d7/launch-425c423d843b.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

d68c5f24c3ef679d4b69b32e6718117d1fb75931dfae4a08e557667bd8d92201

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "d46f12634a40438614e126f153f27ca7:1730191620.004328"
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 14:05:40 GMT
accept-ranges: bytes
access-control-allow-origin: https://register.paloaltonetworks.com
content-length: 554
date: Mon, 04 Nov 2024 13:05:40 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 08:47:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 457 KB
111 KB 38ms
33ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: Mq8sWt7aN99kE/VZ97+T8Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C88D357E6
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 10201
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 13:05:41 GMT
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 22d7a51e-001e-000c-58ed-247d7b000000
cf-ray: 8dd4d1274e5c1cbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113760
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 / Show response
api-js.datadome.co/js/ 241 B
471 B 131ms
10ms XHR
application/json 52.28.147.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.datadome.co/js/

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.28.147.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-147-84.eu-central-1.compute.amazonaws.com

Software

DataDome /

Resource Hash

5ce6f5f87c1852f2e66666155b56fb1e0d6f5592b9d921087eaf03156ae52efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://register.paloaltonetworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
content-length: 241
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/json;charset=utf-8
server: DataDome

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/018df4a9-4cfb-746d-a746-9d895407fcb3/ 213 KB
37 KB 43ms
38ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8380accb-00d6-4b05-90ec-6d405f7310d6/018df4a9-4cfb-746d-a746-9d895407fcb3/en.json

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37462ec047ac9d039293069605de2b175e68a2736025df927ea7c21c8cee54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: 2+v7n7SxVrK2UHUhUGyo/w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE114937E76C0
age: 78142
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 05 Nov 2024 13:05:41 GMT
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/json
last-modified: Mon, 30 Sep 2024 05:56:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 81325225-001e-0025-0b4d-260b39000000
cf-ray: 8dd4d127cb016925-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37497
x-ms-blob-type: BlockBlob
server: cloudflare

GET reglet.getuserprofile.json
www.paloaltonetworks.com/apps/pan/public/ 0
0

GET
H/1.1 200
OK 59a.favicon-32x32.png
d24wuq6o951i2g.cloudfront.net/img/events/id/347/3476633/assets/ 1 KB
2 KB 45ms
19ms Other
image/png 18.66.92.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/347/3476633/assets/59a.favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56de3621a46bdc33c099526f09b75b28229664fc34ae428293cc2e4447b238f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

ETag: "6a9babc444b5b7ad6fa154869686a2d9"
x-amz-version-id: null
Age: 1752319
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: DjlG1B9BotOo2x_9gjpeIhvc0YWKwsLFe3cMKk9S3R8wcC0gvzwZPQ==
Date: Tue, 15 Oct 2024 06:20:23 GMT
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2022 04:12:47 GMT
Cache-Control: max-age=25920000
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1132
X-Amz-Cf-Pop: FRA56-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 13 KB
3 KB 52ms
52ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otFlat.json

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: RGlYb2KBTfdkPpxIxwwu0g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C8519203B
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 52100
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: cc0b6e7a-801e-00bc-1398-1f84fb000000
cf-ray: 8dd4d1289bb66925-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/ 62 KB
13 KB 53ms
52ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/otPcCenter.json

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: vNMewq08o3u2s0ZPUoZf8g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C86774DF1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 78141
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 78ad5807-901e-00c5-5598-1fedb1000000
cf-ray: 8dd4d1289bb76925-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 24 KB
4 KB 55ms
55ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 78141
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 02:45:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5434a940-a01e-00e4-6298-1f8080000000
cf-ray: 8dd4d1289bb96925-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
601 B 33ms
33ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 20313
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Nov 2024 02:18:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 812d9f92-a01e-0001-4157-2d9277000000
cf-ray: 8dd4d129186a1cbf-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 40ms
40ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 19837
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Nov 2024 02:18:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: d66aa5fc-201e-00f5-0edc-2cb79b000000
cf-ray: 8dd4d1292c2a6925-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 PANW_Parent_Brand_Primary_Logo_RGB_Red_White.png
cdn.cookielaw.org/logos/17444fe5-d1b7-4e74-91f7-54412bafd309/c96e4f44-29f1-4037-b8db-8926e9558ce1/fbdfdc34-f2b3-41d8-936a-a34060d48bd6/ 17 KB
17 KB 43ms
43ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/17444fe5-d1b7-4e74-91f7-54412bafd309/c96e4f44-29f1-4037-b8db-8926e9558ce1/fbdfdc34-f2b3-41d8-936a-a34060d48bd6/PANW_Parent_Brand_Primary_Logo_RGB_Red_White.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2003684d0dca4a5838a3fa6c7f4a8bcb44f09e64e2758acc30e9b746263f6079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: gZJmTLN9lSoogPMyB90hRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D9363DE041417F
age: 8491
cf-cache-status: HIT
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: image/png
last-modified: Wed, 23 Jun 2021 11:56:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2c0de8c1-001e-0086-65fe-73f53a000000
cf-ray: 8dd4d12978d31cbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17455
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 72263
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 13:05:41 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Nov 2024 02:18:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: a9e57133-f01e-00fc-344c-2dad15000000
cf-ray: 8dd4d12978db1cbf-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 46ms
20ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.c3b767e17512f1ab185b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

9ef4a6fb0f4ec50c94eaab29a60df1bcab1b5707dafa62b40dfaf39804ddef63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://register.paloaltonetworks.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 13:05:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 04 Nov 2024 13:05:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 173ms
36ms Script
text/javascript 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://register.paloaltonetworks.com
Referer: https://register.paloaltonetworks.com/

Response headers

content-encoding: gzip
age: 10627
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 10:08:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 10:08:34 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 455D 0
0 56ms
44ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9yZWdpc3Rlci5wYWxvYWx0b25ldHdvcmtzLmNvbTo0NDM.&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=8jebqrz3w11o

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RoM_eVlP2QaL36MqBRtFKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://register.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RoM_eVlP2QaL36MqBRtFKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 13:05:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 09C7 0
0 25ms
22ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XPl3Y4btADQjCsanzqFmWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://register.paloaltonetworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XPl3Y4btADQjCsanzqFmWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 13:05:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: register.paloaltonetworks.com
URL: blob:https://register.paloaltonetworks.com/7cd56e90-25f3-4284-84fa-7f3ff5eec586

Domain: www.paloaltonetworks.com
URL: https://www.paloaltonetworks.com/apps/pan/public/reglet.getuserprofile.json

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paloaltonetworks.com/	1970-01-21 10:21:25	Name: _ga_MJML5FZQ80 Value: GS1.1.1730725540.1.0.1730725540.60.0.0
.paloaltonetworks.com/	1970-01-21 10:21:25	Name: _ga Value: GA1.1.2043343296.1730725540
.demdex.net/	1970-01-21 05:04:37	Name: demdex Value: 61273512704496305120631772322736329042
.paloaltonetworks.com/	1969-12-31 23:59:59	Name: AMCVS_9A531C8B532965080A490D4D%40AdobeOrg Value: 1
.paloaltonetworks.com/	1970-01-21 10:21:25	Name: s_ecid Value: MCMID%7C67081738194801963840059673367680014658
.paloaltonetworks.com/	1970-01-21 10:21:25	Name: AMCV_9A531C8B532965080A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20032%7CMCMID%7C67081738194801963840059673367680014658%7CMCAAMLH-1731330340%7C6%7CMCAAMB-1731330340%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1730732740s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.paloaltonetworks.com/	1970-01-21 09:31:01	Name: datadome Value: U0RZELHjhb3I1fgkMm6CQTYODtJ8iDHySc03x~QTAE1HWRFYrL3ZYbmmpWJs3YUozbnzgp~Vf1UjN26dodo24aypM~A1t7_78vbO9v_A74NDej0MNDQWyiKdYQxvlg_l
.www.paloaltonetworks.com/	1969-12-31 23:59:59	Name: pan-lang-cookie Value: en_US
www.paloaltonetworks.com/	1969-12-31 23:59:59	Name: renderid Value: rend01
.paloaltonetworks.com/	1970-01-21 09:31:01	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Nov+04+2024+14%3A05%3A41+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202409.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=44575c12-65f7-4331-b608-9996fa839ff1&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fregister.paloaltonetworks.com%2Fhands-oninvestigationthreathuntingworkshop67126a29%3Futm_source%3Dmarketo%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DEMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04(Line 683) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0751F442E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04 Message: Access to XMLHttpRequest at 'https://www.paloaltonetworks.com/apps/pan/public/reglet.getuserprofile.json' from origin 'https://register.paloaltonetworks.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is 'true, true' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.paloaltonetworks.com/apps/pan/public/reglet.getuserprofile.json Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://register.paloaltonetworks.com/hands-oninvestigationthreathuntingworkshop67126a29?utm_source=marketo&utm_medium=email&utm_campaign=EMEAL-EN-EV-25Q1-Cortex-Virtual_Investigation_and_Threat_Hunting.EM02-Nov04 Message: [GroupMarkerNotSet(crbug.com/242999)!:A000561B442E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
api.splashthat.com
assets.adobedtm.com
cdn.cookielaw.org
d24wuq6o951i2g.cloudfront.net
d3m889aznlr23d.cloudfront.net
dpm.demdex.net
frontend.cdn.splashthat.com
geolocation.onetrust.com
js.datadome.co
region1.analytics.google.com
register.paloaltonetworks.com
s3.amazonaws.com
sstats.paloaltonetworks.com
static.ads-twitter.com
stats.g.doubleclick.net
third-party-tracking-manager.services.splashthat.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paloaltonetworks.com
register.paloaltonetworks.com
www.paloaltonetworks.com
142.250.185.100
142.250.186.131
146.75.120.157
151.101.194.133
151.101.2.133
18.66.122.78
18.66.92.124
2001:4860:4802:34::36
216.58.212.163
2600:9000:235a:da00:d:9239:1640:21
2606:4700:4400::6812:2089
2606:4700::6812:572a
2a00:1450:4001:830::2008
2a00:1450:400c:c02::9c
2a02:26f0:480:f95::c3a
2a02:26f0:480:f9d::1e80
52.217.201.40
52.28.147.84
52.72.15.253
63.140.62.27
63.32.87.126
077323503aeb1ebec0d69ad1c205b39e02704dbe6e71fb5e2efed2767077323f
0d0466f40117162e14168e5c7f4dc74e0b8f52fe510f6855d36ced41e0ba0787
15cd84ac41f741f2d923779a27e15503cae4fab8b96eb0ecafdbd192f6d3b374
18968dce75ba42b30e3bf5761003a6e3d2b2c81c854d9e94f9fbb222eeefc9ec
19555dd671a3336043eb706eeae51c4815b098dff4ab99f756ec2065df080c18
1b40c724e90a7051e0289d0a1680c199f056c40f471712ea2c7f4bc88e8c3290
2003684d0dca4a5838a3fa6c7f4a8bcb44f09e64e2758acc30e9b746263f6079
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2187eef14afa40b4f38c92fd2b33e4b0e00678ead886d4ae732038decc1f375d
21e33f608138cc95dc3719ad8ab25a52feddf3e8419c8c80cc6364def42786e3
22f3182f4cd9e391e4365a8c954b1a74f93549d9e7be63c1e4ff341586641245
231c26a5c8b00d30d0a4345817cec3109073e68e76fad8ff906595b9246b1977
23d692ce8542baf7661710f69ce7e6c4b8e3e2a9e36af5c4f2907f4202add42a
2c8a80b5a25ba6c81d389714f5070c89b46702ecbe02b62dc9de0d5f25e41d97
2e9dc0974276e9c5a4349969060086d62f56f3eb18b0c3efb45c415fd9efeacd
3179f4e154e785ff1de37f634d3ceaba3bf116bef703bb2709b6e11b76c6a5ea
388e59cb1d7c6846908a93fc161602601a00b971d4f8c61b980a8c2b8c52ef48
39f480b809b1598b19e424f085b716bfc7648251d1f405b8f5ad74df072be802
3ad03e4d956f477929bf3090546fae8271b16dfe54f2bc6ad017986d889811b4
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
56de3621a46bdc33c099526f09b75b28229664fc34ae428293cc2e4447b238f2
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5ce6f5f87c1852f2e66666155b56fb1e0d6f5592b9d921087eaf03156ae52efd
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6202b3772ad64771970f2db71bf1f15b29a9835cd6efe572126542edc0615a9a
66ff45b1ee02eeafa25aed60fc8b1667ce39e3cb66bc049f0127359909f969d8
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
6f701084a8f1bd51f3722021e8afce775881e7722dccea63fe7665294d506e27
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
73b8626eb05dbf69909b99e5c8c8197b4c7bbb871a2b704c445d652f04818170
78b5b4f743f983fa9a4d19c8e788de058c8404f0a23698a298f78d77555a6708
7b950e3a7338a8de6a9d98343de4123de85b3974abe810f6b16216cf10881e68
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
814d26b16a5d09e519899741b81c8036d8e578044230564c10ddf941a672796e
81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286
89f125b7633bf1dd3b9cb333af71341748cec8bcb21210ce5722b36c631f635e
8b8e7e43e1fb18c0c9e1b7c051da53a2da4f04900dae7cb40a3b157ffc785c1b
8d5b44f309f9c0c7d1b9f409e34037873a7c8a42388e456f0894231b45503112
8dbd8021424c9f3069bd131360bb5f7e6421c4039fd284f750978cc4cc557aad
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d
9ef4a6fb0f4ec50c94eaab29a60df1bcab1b5707dafa62b40dfaf39804ddef63
a0219cf1724380331659324569cbf02f0032eedead5a0fb5bf39e2bd0cd28832
a57a36856843347c611be4f82a4de24be9a90afc16cb8ac74e5824a111d78c17
a72d7a2f767fb7f1a5c913b5616757519ee7491ce31578a7fa659f9c79e88261
ac75272635b5ab0e7ccc23f6c5f2b1e116a150315d72e152479a0e9494f58927
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b37462ec047ac9d039293069605de2b175e68a2736025df927ea7c21c8cee54f
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15
b4f2876a599f90a2bd52fe770b5f00b070fedfb085f4e2d49b170248ae54a723
c868a99b459823528d45f7d8601f7151cc59120ca72dbff2e02e64a7f1bb8fa5
c96b719bf19b437273cc70090f5f640e3575b46630803832e9aaa63a5fbb7d8d
c9d9831d621296d3c12a4976576e9cebe816b549ef516b33ecdbd11d3e39da25
cc466d698919a654ba74f40cdd7143a27a50eed4f45a93d72b58525300a7570f
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d63467b16b6a31d8d16c874dad12a716af9ef7399d9aeba93b758b88c60fde0e
d68c5f24c3ef679d4b69b32e6718117d1fb75931dfae4a08e557667bd8d92201
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb553f40c9e6dc7c36c0224ea7d628ef44143002e9bdb0efba72655ad4b8affe
ec1312525aca4397e20375368311ce80b02ae0aec25a48865bb7973e2c3f2100
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f116d1acc5da769e8c151c715f2694f79a95c91498472a8d155dc2afe69f9c36
f59d6cb8aa9db5245ad133059ea2b87d3fcdffe6b7dd526741192b9619f2f207
f68ed97448a5c4917df50a7569319d0fe459c689454de78332220771c4adc1cb
fd158ceeeb440d6ba2efdd9ec9c6f88a1af0c6799c9cbbbc0b6115148ee43282

register.paloaltonetworks.com Open in urlscan Pro 151.101.2.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

96 %HTTPS

38 %IPv6

15 Domains

22 Subdomains

22 IPs

4 Countries

3819 kBTransfer

11101 kBSize

10 Cookies

9 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

register.paloaltonetworks.com Open in urlscan Pro
151.101.2.133 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

96 %
HTTPS

38 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

3819 kB
Transfer

11101 kB
Size

10
Cookies

74 HTTP transactions
0 data transactions