resources.perimeterx.com Open in urlscan Pro
54.85.164.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=
Effective URL:
https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-ju...
Submission: On July 19 via api (July 19th 2022, 6:09:41 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 36 domains to perform 123 HTTP transactions. The main IP is 54.85.164.109, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is resources.perimeterx.com.
TLS certificate: Issued by Amazon on March 14th 2022. Valid for: a year.

This is the only time resources.perimeterx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.85.164.109 54.85.164.109	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.99.6 13.32.99.6	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c2a4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
10	54.160.16.35 54.160.16.35	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	2600:9000:224... 2600:9000:224a:7800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.220.8.206 54.220.8.206	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:9000:225... 2600:9000:2251:4800:12:3734:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	34.149.125.36 34.149.125.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	52.18.233.217 52.18.233.217	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	65.9.54.23 65.9.54.23	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.30 13.32.99.30	16509 (AMAZON-02) (AMAZON-02)
4	18.66.248.89 18.66.248.89	16509 (AMAZON-02) (AMAZON-02)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.222.214.117 52.222.214.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6b::7	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:5f::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
123	43

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

mkto-sj130112.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.164.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-164-109.compute-1.amazonaws.com

resources.perimeterx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

overpass-30e2.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-6.fra60.r.cloudfront.net

cdn-app.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.cdn.lookbookhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c2a4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

sapi2003.botchk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.160.16.35 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-16-35.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:7800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2437 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.8.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-8-206.eu-west-1.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.153.60 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:4800:12:3734:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

001-vjx-104.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.125.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.125.149.34.bc.googleusercontent.com

b.px-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.233.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-233-217.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.54.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-54-23.arn54.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net

lftracker.leadfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-89.dus51.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-117.fra56.r.cloudfront.net

cdn.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6b::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5ednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:5f::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5e6nsz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	890 KB
12	pathfactory.com cdn-app.pathfactory.com — Cisco Umbrella Rank: 102986 jukebox.pathfactory.com — Cisco Umbrella Rank: 59730 cdn.pathfactory.com — Cisco Umbrella Rank: 154348	462 KB
11	googlevideo.com rr2---sn-4g5ednss.googlevideo.com — Cisco Umbrella Rank: 87486 rr5---sn-4g5e6nsz.googlevideo.com — Cisco Umbrella Rank: 72613	770 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	65 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2518 d.adroll.com — Cisco Umbrella Rank: 1676	21 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 509	122 KB
6	botchk.net sapi2003.botchk.net — Cisco Umbrella Rank: 741111	3 KB
5	cloudfront.net d10lpsik1i8c69.cloudfront.net	98 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 jnn-pa.googleapis.com — Cisco Umbrella Rank: 355	31 KB
4	lfeeder.com tr.lfeeder.com — Cisco Umbrella Rank: 14557	1 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 static.doubleclick.net — Cisco Umbrella Rank: 479	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	4 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 436	3 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 247	7 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	google.com www.google.com — Cisco Umbrella Rank: 17	14 KB
2	px-cdn.net b.px-cdn.net — Cisco Umbrella Rank: 14532	422 B
2	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 18756	485 B
2	ml-attr.com 2 redirects s.ml-attr.com — Cisco Umbrella Rank: 15386	558 B
2	bidr.io 1 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 9373	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	159 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3954	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819	77 KB
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 7869	2 KB
1	leadfeeder.com lftracker.leadfeeder.com — Cisco Umbrella Rank: 62386	11 KB
1	lookbookhq.com app.cdn.lookbookhq.com — Cisco Umbrella Rank: 70913	183 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4915	501 B
1	mktoresp.com 001-vjx-104.mktoresp.com	318 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8951	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 8081	136 KB
1	kxcdn.com overpass-30e2.kxcdn.com — Cisco Umbrella Rank: 226419	842 B
1	perimeterx.com resources.perimeterx.com	7 KB
1	mkto-sj130112.com mkto-sj130112.com	1 KB
123	36

	Domain	Requested by
19	www.youtube.com	mkto-sj130112.com client.px-cloud.net www.youtube.com resources.perimeterx.com
10	jukebox.pathfactory.com	cdn-app.pathfactory.com client.px-cloud.net
9	rr5---sn-4g5e6nsz.googlevideo.com	www.youtube.com
8	www.google-analytics.com	www.googletagmanager.com client.px-cloud.net
6	cdn.cookielaw.org	www.googletagmanager.com client.px-cloud.net
6	s.adroll.com	2 redirects www.googletagmanager.com resources.perimeterx.com client.px-cloud.net
6	sapi2003.botchk.net	client.px-cloud.net
5	d10lpsik1i8c69.cloudfront.net	client.px-cloud.net
4	jnn-pa.googleapis.com	www.youtube.com
4	tr.lfeeder.com	resources.perimeterx.com
3	region1.google-analytics.com	www.googletagmanager.com client.px-cloud.net
3	secure.adnxs.com	3 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	rr2---sn-4g5ednss.googlevideo.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.facebook.com	resources.perimeterx.com
2	connect.facebook.net	client.px-cloud.net
2	www.google.com	resources.perimeterx.com www.youtube.com
2	b.px-cdn.net	client.px-cloud.net
2	px.ads.linkedin.com	2 redirects
2	attr.ml-api.io	resources.perimeterx.com
2	s.ml-attr.com	2 redirects
2	cnv.event.prod.bidr.io	1 redirects resources.perimeterx.com
2	www.googletagmanager.com	resources.perimeterx.com www.googletagmanager.com
2	munchkin.marketo.net	resources.perimeterx.com munchkin.marketo.net
2	maxcdn.bootstrapcdn.com	resources.perimeterx.com maxcdn.bootstrapcdn.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	cdn.pathfactory.com	resources.perimeterx.com
1	settings.luckyorange.net	client.px-cloud.net
1	lftracker.leadfeeder.com	client.px-cloud.net
1	app.cdn.lookbookhq.com	client.px-cloud.net
1	www.google.de	resources.perimeterx.com
1	d.adroll.com	client.px-cloud.net
1	stats.g.doubleclick.net	client.px-cloud.net
1	px4.ads.linkedin.com	resources.perimeterx.com
1	www.linkedin.com	1 redirects
1	001-vjx-104.mktoresp.com	munchkin.marketo.net
1	tracking.g2crowd.com	mkto-sj130112.com
1	snap.licdn.com	www.googletagmanager.com
1	client.px-cloud.net	resources.perimeterx.com
1	cdn-app.pathfactory.com	resources.perimeterx.com
1	overpass-30e2.kxcdn.com	resources.perimeterx.com
1	fonts.googleapis.com	resources.perimeterx.com
1	resources.perimeterx.com	mkto-sj130112.com
1	mkto-sj130112.com
123	47

This site contains links to these domains. Also see Links.

Domain
onetrust.com
www.perimeterx.com

Subject Issuer	Validity	Valid
mkto-sj130112.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
resources.perimeterx.com Amazon	`2022-03-14` - `2023-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2021-08-28` - `2022-08-28`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.pathfactory.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
botchk.net R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-09-30`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
perimeterx.net GeoTrust RSA CA 2018	`2021-08-18` - `2022-09-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.leadfeeder.com Amazon	`2022-02-01` - `2023-03-02`	a year	crt.sh
*.lfeeder.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-07-12` - `2022-09-20`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Frame ID: 87C967459EF7F8BD71CDB3953AA7DECC
Requests: 76 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
Frame ID: 5AC28FC022EBCDC904C844D5F225D2AC
Requests: 40 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Frame ID: E2C79E31A25F9DCEDD7C948FC477EDDF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[Webinar]: Breaking the Web Attack LifecycleBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1... Page URL
https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_ca... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

123
Requests

93 %
HTTPS

60 %
IPv6

36
Domains

47
Subdomains

43
IPs

6
Countries

3216 kB
Transfer

9171 kB
Size

53
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.perimeterx.com/legal/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg= Page URL
https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=[ORDER]&ord=2113481927 HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=%5BORDER%5D&ord=2113481927&_bee_ppp=1

Request Chain 20

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dperimeterx.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800

Request Chain 22

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%26utm_campaign%3Dnewsletter-july-2022%26utm_source%3Dmarketo%26utm_medium%3Demail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D48062%26time%3D1658254175317%26url%3Dhttps%253A%252F%252Fresources.perimeterx.com%252Fnews-web-attack-lifecycle-webinar%253Fmkt_tok%253DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%2526utm_campaign%253Dnewsletter-july-2022%2526utm_source%253Dmarketo%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%26utm_campaign%3Dnewsletter-july-2022%26utm_source%3Dmarketo%26utm_medium%3Demail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%26utm_campaign%3Dnewsletter-july-2022%26utm_source%3Dmarketo%26utm_medium%3Demail&liSync=true&e_ipv6=AQLzWjvKH-6KwAAAAYIXpq6d3VhARHuL_fXOYorjFqdlZ6ulgngiUXbLtebqEPwqM1Y9XmZKY8x6cHOKLZAis965RIkl9A

Request Chain 25

https://s.adroll.com/j/exp/YDMIA7YLU5BMFL5TTCRXA7/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 26

https://s.adroll.com/j/pre/YDMIA7YLU5BMFL5TTCRXA7/YJQFMCNONVBU3GUCROIR7B/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 68

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 91

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID HTTP 302
https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=
mkto-sj130112.com/ 625 B
1 KB 357ms
241ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-7gATEegg3VTRESOJbybpRIwne+efofUiCV0GCsx+do8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 72d568aceea6698f-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-7gATEegg3VTRESOJbybpRIwne+efofUiCV0GCsx+do8=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 19 Jul 2022 18:09:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: 93299bc5fa8326fb

GET
H2 200 Primary Request news-web-attack-lifecycle-webinar Show response
resources.perimeterx.com/ 18 KB
7 KB 464ms
260ms Document
text/html 54.85.164.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c

Requested by

Host: mkto-sj130112.com
URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.85.164.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-164-109.compute-1.amazonaws.com

Software

Resource Hash

72ecb0f825bbb193c2a16a72863c35c7c8d1bb3657677f8c9a58cef5f054f80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://mkto-sj130112.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Jul 2022 18:09:34 GMT
etag: W/"72ecb0f825bbb193c2a16a72863c35c7"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-content-type-options: nosniff
x-request-id: 02325a80-86e6-40de-a84b-492ed41ac91b
x-runtime: 0.149775

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 36ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Lato:400,700

Requested by

Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

390aca4ba708128182c4802df7c4a1d3a85566b96bf2542caa3b4ea1f1507c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 18:06:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 18:09:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 18:09:34 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 71ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 7584828
cdn-cachedat: 2021-04-23 01:05:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 791e19af343cb791079df77c7da7aa30
cf-ray: 72d568b19e7c0208-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 overpass.css
overpass-30e2.kxcdn.com/ 6 KB
842 B 28ms
6ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://overpass-30e2.kxcdn.com/overpass.css
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b25e835722ffbec8ab733d999dc194aa9ef7fcf00edc594e453f2823e0c65fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:34 GMT
content-encoding: br
last-modified: Fri, 30 Dec 2016 09:56:37 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"58662f55-180e"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Tue, 26 Jul 2022 18:09:34 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 56ms
19ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 278 KB
86 KB 66ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b4c7a9a15d35b15529458a9ddcdb7f8bb7e4d5e30995e4ee7fbbcf7d2e9e4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87954
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:35 GMT

GET
H2 200 tracks.js Show response
cdn-app.pathfactory.com/production/jukebox/current/ 2 MB
431 KB 40ms
7ms Script
text/javascript 13.32.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b02b20ba6ecbfd77a7b5951a906f6b9e230a607e2bd7002ae7ea79fcd7fdc1a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 01:04:24 GMT
server: AmazonS3
age: 17654
etag: W/"6fda9e6587b709557a0a50e260685a14"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
cache-control: max-age=43200
date: Tue, 19 Jul 2022 13:15:34 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 4lQ7moJLRNGqUpCFMCXZ4l5V3NxBA_I-JrPvB5f5DQz1Q7v23UmAHQ==

GET
H2 200 main.min.js Show response
client.px-cloud.net/PX2003/ 286 KB
136 KB 41ms
8ms Script
application/javascript 2a02:26f0:ef::5c7b:c2a4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PX2003/main.min.js
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2a4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4446e54d7bd0f4dbad541c2fcf0778d5fad8278020999a1a9c1f47838310c67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
etag: "476f6-9agS4ZAEG9RaCUwjDM22MN5S1C4"
active-cdn: Akamai
x-px-hash: MTAyNWZlNzQxNWRiOTg2YTViODJjNzVmODY4MzQ2YTg4YWY0N2MxODk0M2IxOTdmYTUzNDNhNjcxNDY0ZDk4YQ==
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=900,stale-while-revalidate=86400,stale-if-error=3600
content-length: 138262

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 97ms
97ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 27 Oct 2022 18:09:35 GMT

POST
H2 200 collector Show response
sapi2003.botchk.net/api/v2/ 563 B
822 B 215ms
33ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 95744cdc4c47da8dd92131b9988d6fd95f8d50c9494b90fae73d164aae40be28

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:34 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 563

OPTIONS
H2 200 page_views
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 316ms
100ms Preflight 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-16-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.perimeterx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 19 Jul 2022 18:09:35 GMT

POST
H2 200 page_views Show response
jukebox.pathfactory.com/api/public/v1/ 153 B
1019 B 380ms
185ms XHR
application/json 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-16-35.compute-1.amazonaws.com

Software

Resource Hash

34a4308c13521dc3cb126e7d33fce9d16dfd4cb1c8b7878f6bcc05e664f1c180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 7200
vary: Accept, Origin, Accept-Encoding
x-request-id: 176fe2f0-dc6b-4754-9656-da749960541f
x-runtime: 0.082912
referrer-policy: no-referrer-when-downgrade
etag: W/"34a4308c13521dc3cb126e7d33fce9d1"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
72 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5CWZF51H2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16a0341f59c51cf94081a5aa329a35dab0b502812db5dfafccfdec65c457a49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73990
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:35 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 117 KB
45 KB 50ms
21ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PCDTQ25

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03a1eed13a551b30fa4bfd065eead271496a92c41e4f562e6627d37f55ee00b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45245
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:35 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 33ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13970
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 36ms
13ms Script
text/javascript 2600:9000:224a:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: J7p8W1lQgNY91qwUxZU3x.y9IQrTVjMu
Content-Encoding: gzip
Etag: W/"d570d2e0cc47679b5bf3a6f9ff5b9e5b"
Age: 2157
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jun 2022 21:03:48 GMT
Server: AmazonS3
Date: Tue, 19 Jul 2022 17:33:41 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PTGVgRHVQ0EQJZFzV1tq7C9R8A1aaXLK6s2w9DhxPX1wrZrH0NZ0wQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 50ms
22ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ65KGZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4m3LBpuQ5au3un+sbdTm6g==
age: 6156
vary: Accept-Encoding
content-length: 6922
x-ms-lease-status: unlocked
last-modified: Thu, 14 Jul 2022 19:31:29 GMT
server: cloudflare
etag: 0x8DA65CF736BBFE4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29181591-f01e-014c-73d5-9759ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b3cbf4cc42-ZRH

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: mkto-sj130112.com
URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe3cdb6342633b630a1636d3a83f1beb1aa5a9404078a93618f3235f4d609f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 19 Jul 2022 18:09:35 GMT

GET
H2 200 4607.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 160ms
129ms Script
text/javascript 2606:4700:4400::6812:2437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/4607.js?p=https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&e=

Requested by

Host: mkto-sj130112.com
URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2437 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0b2fb221-5ebd-484a-a7b1-31b93b591c1e
x-runtime: 0.003199
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 72d568b3c86601e3-ZRH

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=[ORDER]&ord=2113481927
https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=%5BORDER%5D&ord=2113481927&_bee_ppp=1

43 B
793 B

34ms
34ms

Image
image/gif

54.220.8.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=%5BORDER%5D&ord=2113481927&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

54.220.8.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-8-206.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 19 Jul 2022 18:09:35 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=83&buzz_key=intentsify&value=&segment_key=&account_id=2&order=%5BORDER%5D&ord=2113481927&_bee_ppp=1
Date: Tue, 19 Jul 2022 18:09:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dperimeterx.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800

0
243 B

409ms
384ms

Image
application/json

2600:9000:2251:4800:12:3734:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Server: 2600:9000:2251:4800:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
apigw-requestid: Vhr3BgYFIAMESOw=
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
content-length: 0
x-amz-cf-id: xwZ44qBdaLOHnOm-4g1r0KVJ9bHhU-PoL61K7wPLhDwiZoIEbx53PA==

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 18:09:35 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 918fcf60-3737-41af-9fee-b0102f16286c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK visitWebPage
001-vjx-104.mktoresp.com/webevents/ 2 B
318 B 618ms
154ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://001-vjx-104.mktoresp.com/webevents/visitWebPage?_mchNc=1658254175294&_mchCn=&_mchId=001-VJX-104&_mchTk=_mch-perimeterx.com-1658254175294-16445&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&_mchHo=resources.perimeterx.com&_mchPo=&_mchRu=%2Fnews-web-attack-lifecycle-webinar&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fmkto-sj130112.com%2F&_mchQp=utm_source%3Dmarketo__-__utm_medium%3Demail__-__utm_campaign%3Dnewsletter-july-2022__-__mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:35 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2376ef87-50bd-49f3-8365-ddc3b77a0a0d

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D48062%26time%3D1658254175317%26url%3Dhttps%253A%252F%252Fresources.perimeterx.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7w...

0
266 B

268ms
203ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%26utm_campaign%3Dnewsletter-july-2022%26utm_source%3Dmarketo%26utm_medium%3Demail&liSync=true&e_ipv6=AQLzWjvKH-6KwAAAAYIXpq6d3VhARHuL_fXOYorjFqdlZ6ulgngiUXbLtebqEPwqM1Y9XmZKY8x6cHOKLZAis965RIkl9A
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 861A6435B5864B018CDD9D1EB9C59C7B Ref B: VIEEDGE2314 Ref C: 2022-07-19T18:09:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkLGMeCN9Ja2//+lp6+A==
x-li-fabric: prod-lor1

Redirect headers

date: Tue, 19 Jul 2022 18:09:35 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2942B4C4C50841B394A54E48D7A1F9C6 Ref B: VIEEDGE1206 Ref C: 2022-07-19T18:09:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=48062&time=1658254175317&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Fmkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c%26utm_campaign%3Dnewsletter-july-2022%26utm_source%3Dmarketo%26utm_medium%3Demail&liSync=true&e_ipv6=AQLzWjvKH-6KwAAAAYIXpq6d3VhARHuL_fXOYorjFqdlZ6ulgngiUXbLtebqEPwqM1Y9XmZKY8x6cHOKLZAis965RIkl9A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkLGMZ7z3wNGaO8oZM1w==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5CWZF51H2&gtm=2oe7i0&_p=996492216&_z=ccd.v9B&cid=2073525989.1658254175&ul=en-us&sr=1600x1200&_s=1&sid=1658254175&sct=1&seg=0&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5CWZF51H2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.perimeterx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
b.px-cdn.net/api/v1/PX2003/d/ 149 B
403 B 37ms
17ms XHR
application/json 34.149.125.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.px-cdn.net/api/v1/PX2003/d/p
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.125.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.125.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 6f316092b8641043bd5753a91dcc8e97c2af38921b03247dc12c5e81a8e33b75

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data; boundary=----------------3bnottvakityzspe

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
via: 1.1 google
access-control-allow-headers: authorization
access-control-allow-methods: HEAD,GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/YDMIA7YLU5BMFL5TTCRXA7/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

10ms
10ms

Script
application/javascript

2600:9000:224a:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: HTTP/1.1
Server: 2600:9000:224a:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: BTP2rshxaRFWPNdrItPYEau9DI6Y8oce
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 34168
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Wed, 06 Jul 2022 18:15:57 GMT
Server: AmazonS3
Date: Tue, 19 Jul 2022 08:40:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Lvjhv54Ke0wIhznAn-wg2cKZScGB6SVTzYtVG_yCOnuap-NmJi6k1g==

Redirect headers

Date: Tue, 19 Jul 2022 09:24:04 GMT
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Age: 31530
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: osD2oR_e_v6PgQbZH4exK8YgHc8x9MdJsRuuOMQ3-XeKS9b5rfyHGg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/YDMIA7YLU5BMFL5TTCRXA7/YJQFMCNONVBU3GUCROIR7B/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

11ms
11ms

Script
application/javascript

2600:9000:224a:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: HTTP/1.1
Server: 2600:9000:224a:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 35294
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 19 Jul 2022 08:21:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 27C34mwouttR4AmS1IIJsTiSu34EfDNpx9y3GKXKR9-BjzGkFoiU7w==

Redirect headers

Date: Tue, 19 Jul 2022 14:02:57 GMT
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Age: 14797
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: z-h4Ihm8JEWuXOkktuy0Rg9lwPeSc2679CgTrLO32_nZKHgYLt4cUA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/YDMIA7YLU5BMFL5TTCRXA7/YJQFMCNONVBU3GUCROIR7B/ 0
809 B 29ms
11ms Script
text/javascript 2600:9000:224a:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/YDMIA7YLU5BMFL5TTCRXA7/YJQFMCNONVBU3GUCROIR7B/index.js
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: tzVexVo_CX.1u9K4aI1PdAmzfG6_5fBT
Via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2955
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Sun, 17 Jul 2022 01:31:13 GMT
Server: AmazonS3
Date: Tue, 19 Jul 2022 17:20:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8610Htm3Le8yWATze3fgchW8Zq1oh1e_mA-4nmcRUvDejHNUnhojOA==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9504bca9/www-widgetapi.vflset/ 159 KB
51 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0da1fc9c1b23d76d5b0f9d3154f4141b30a6926b68523c37ec483dd0200945a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 16:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52491
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 19 Jul 2023 16:49:24 GMT

GET
H2 200 740a51be-bd50-4765-b76c-0ee7167b128c.json Show response
cdn.cookielaw.org/consent/740a51be-bd50-4765-b76c-0ee7167b128c/ 3 KB
2 KB 75ms
50ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/740a51be-bd50-4765-b76c-0ee7167b128c/740a51be-bd50-4765-b76c-0ee7167b128c.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f73bc7302a48f92cc74f62598a5ad67a447f9e6c591fd653f1c89af4a5213c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SLzrUuc5KrvzHsemRtbwmg==
vary: Accept-Encoding
content-length: 1275
x-ms-lease-status: unlocked
last-modified: Thu, 27 Jan 2022 17:56:48 GMT
server: cloudflare
etag: 0x8D9E1BE63DB27A6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c26ebfc1-001e-0170-7296-59ed77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b48c150215-ZRH
expires: Tue, 19 Jul 2022 22:09:35 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3818
date: Tue, 19 Jul 2022 17:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 19 Jul 2022 19:05:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=996492216&t=pageview&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAAC~&jid=1749327553&gjid=1157223471&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&_r=1&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=329463740

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.perimeterx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57261032-1&cid=2073525989.1658254175&jid=1749327553&gjid=1157223471&_gid=903963447.1658254175&_u=YADAAEAAQAAAAC~&z=254463047

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 19 Jul 2022 18:09:35 GMT
content-type: text/plain
access-control-allow-origin: https://resources.perimeterx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 369 KB
82 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bk+c/8JAdlTEAluR1Sm6dw==
age: 23659289
vary: Accept-Encoding
content-length: 83472
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:15 GMT
server: cloudflare
etag: 0x8D8D8E82BC311EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3c8761f1-501e-0028-4d6c-c4af59000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b4ed72cc42-ZRH

GET
H2 200 YDMIA7YLU5BMFL5TTCRXA7 Show response
d.adroll.com/consent/check/ 449 B
542 B 101ms
32ms Script
application/javascript 52.18.233.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/YDMIA7YLU5BMFL5TTCRXA7?arrfrr=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&_s=10882f87bcda86899aabbb3ed512ea81&_b=2
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.233.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-233-217.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 98260df4f292209f6b77f38b6b7a8cca022ebc996ac489ed984a351ebc306df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/740a51be-bd50-4765-b76c-0ee7167b128c/7db516e1-b839-4652-9f03-4ca7c9545199/ 75 KB
17 KB 48ms
48ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/740a51be-bd50-4765-b76c-0ee7167b128c/7db516e1-b839-4652-9f03-4ca7c9545199/en.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3783a450dbbff3e5c15673dc8ff4348cb71b818c43c18cb8e19bbe236c45fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +IDd5yKFHYCANhs1gb1cEw==
vary: Accept-Encoding
content-length: 16729
x-ms-lease-status: unlocked
last-modified: Thu, 27 Jan 2022 17:56:49 GMT
server: cloudflare
etag: 0x8D9E1BE646C7C71
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8c694aba-101e-0146-4c96-594025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b52ce90215-ZRH
expires: Tue, 19 Jul 2022 22:09:35 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 56ms
35ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-57261032-1&cid=2073525989.1658254175&jid=1749327553&_u=YADAAEAAQAAAAC~&z=1366354485

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 53ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-57261032-1&cid=2073525989.1658254175&jid=1749327553&_u=YADAAEAAQAAAAC~&z=1366354485

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: T13ck4F0XiqDLKp/eGVapPmgHPQjFFy8zGwaU/ALghuB3EAd9OeKiPWT/KDbLcB20n/f+zu1ieiAVn6LQEWUxQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 19 Jul 2022 18:09:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jukebox.js Show response
app.cdn.lookbookhq.com/production/jukebox/current/ 683 KB
183 KB 13ms
7ms Script
text/javascript 13.32.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93f2e0ec5bdac100d5c45192320aeae54aefd4e34064773d281ccad99ca2777a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 01:04:24 GMT
server: AmazonS3
age: 30056
etag: W/"b1d1c4c410ccb107d04dafa6f2d7f492"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
cache-control: max-age=43200
date: Tue, 19 Jul 2022 09:48:40 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: tyUFBTCtoTuZM0trVc9OSpGBYdfgPYLNjUTGn5U1GaaOXroWUe_bQA==

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 113ms
36ms Script
application/javascript 65.9.54.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-23.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:31:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 22:59:53 GMT
server: AmazonS3
age: 2293
etag: W/"eb0a40c00c97d9640177205882172295"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb05e10ed4a973b87ff15498c30d269c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: SldqqDuvGDmT3n4SDo2kfij2YQ3dw2dGcDHzs8UUwcCeZWzH7dIsYw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 12 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otFlat.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BkZngIV1hzEthgbkouRUbA==
vary: Accept-Encoding
content-length: 2832
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:04 GMT
server: cloudflare
etag: 0x8D8D8E825563082
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 90491bdc-701e-00da-2c96-597dcd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b58db20215-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/ 47 KB
12 KB 51ms
51ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/otPcCenter.json

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8jNYupXcL2bcdab+1R7CAg==
vary: Accept-Encoding
content-length: 11511
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:07 GMT
server: cloudflare
etag: 0x8D8D8E827001198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a0508b34-801e-0065-2596-5969bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72d568b58db40215-ZRH

GET
H2 200 lftracker_v1_9mDnrdyX0ng1KXMv.js Show response
lftracker.leadfeeder.com/ 29 KB
11 KB 29ms
7ms Script
application/javascript 13.32.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lftracker.leadfeeder.com/lftracker_v1_9mDnrdyX0ng1KXMv.js
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 139fc90823b96a757bba2c141df7fa3811af648b70cd294723a3dbb47cb13b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: _vGDpzyT8SqbIqKQjJGReZGviOfU8A69
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 07:03:30 GMT
server: AmazonS3
age: 3374
etag: W/"c6baef4235444eeb7c09f78f14e761e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Tue, 19 Jul 2022 17:23:10 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: T93501L7RAUrdjHk31Dob-fntdfd9Emmd37BZXnJlqN0SPfkQ5atJA==

OPTIONS
H2 200 init
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 103ms
102ms Preflight 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&clientId=LB-FE20E0D4-10557
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-16-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://resources.perimeterx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 19 Jul 2022 18:09:35 GMT

GET
H2 204 init Show response
jukebox.pathfactory.com/api/public/v1/ 0
741 B 127ms
127ms XHR
text/plain 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&clientId=LB-FE20E0D4-10557

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-16-35.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.018054
date: Tue, 19 Jul 2022 18:09:35 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 9e8f2597-e88a-4a16-991f-e366ddb077b7

GET
H3 200 368880343933228 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 131ms
121ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/368880343933228?v=2.9.65&r=stable

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28e696f1e4297a65c928a3c82a163d9eacba8bea8725beea0b8aa2470dc88248

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9Kg3pDe0RVRSvQvZH6TBS3z0iatddBAZ5uwKE/VZZ/GO/HcsWFkDDObYfUDfDXtevLEBd3EZH5sQZereE8m1gw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 19 Jul 2022 18:09:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658254175813
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 83ms
56ms Image
image/gif 18.66.248.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=9mDnrdyX0ng1KXMv&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU3MjYxMDMyLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVM1Q1daRjUxSDIiXSwiZ2FDbGllbnRJZHMiOlsiMjA3MzUyNTk4OS4xNjU4MjU0MTc1Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTAuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9yZXNvdXJjZXMucGVyaW1ldGVyeC5jb20vbmV3cy13ZWItYXR0YWNrLWxpZmVjeWNsZS13ZWJpbmFyP3V0bV9zb3VyY2U9bWFya2V0byZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVyLWp1bHktMjAyMiZta3RfdG9rPU1EQXhMVlpLV0MweE1EUUFBQUdGdHBmSTg2ajd3UjE0YXJvc2RmZDVWVHlnX2QyWEdLdXp0ZUxleXkxSDBmWHNmaEFDOEdIVGJmX1JtWDRzNkc1UXpYM01yclNvX0VRTGVlc2pzMlRRSGxMRTY2eC1mLUo3cW1YczlQUFdJLWMiLCJwYWdlVGl0bGUiOiJbV2ViaW5hcl06IEJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSIsInJlZmVycmVyIjoiaHR0cHM6Ly9ta3RvLXNqMTMwMTEyLmNvbS8ifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4NDljY2FjZTUzNWJmNTY3Iiwic2NyaXB0SWQiOiI5bURucmR5WDBuZzFLWE12IiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS4zODFkZjRmZTVhNTZiYzUyLjE2NTgyNTQxNzU2OTAiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-89.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: FEHUa0QAVQ_78wwTZC6ig2ZUqfn7TyhyhYWxd8J4eds3b2dZgfeWhA==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 init
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 101ms
101ms Preflight 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&clientId=LB-FE20E0D4-10557
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-16-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://resources.perimeterx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 19 Jul 2022 18:09:35 GMT

GET
H2 204 init Show response
jukebox.pathfactory.com/api/public/v1/ 0
738 B 115ms
114ms XHR
text/plain 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-16-35.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.012936
date: Tue, 19 Jul 2022 18:09:35 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 8a3d00af-bb3c-4ec1-a1cb-d60286853ea7

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 59ms
59ms Image
image/gif 18.66.248.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=9mDnrdyX0ng1KXMv&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU3MjYxMDMyLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVM1Q1daRjUxSDIiXSwiZ2FDbGllbnRJZHMiOlsiMjA3MzUyNTk4OS4xNjU4MjU0MTc1Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTAuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9yZXNvdXJjZXMucGVyaW1ldGVyeC5jb20vbmV3cy13ZWItYXR0YWNrLWxpZmVjeWNsZS13ZWJpbmFyP3V0bV9zb3VyY2U9bWFya2V0byZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVyLWp1bHktMjAyMiZta3RfdG9rPU1EQXhMVlpLV0MweE1EUUFBQUdGdHBmSTg2ajd3UjE0YXJvc2RmZDVWVHlnX2QyWEdLdXp0ZUxleXkxSDBmWHNmaEFDOEdIVGJmX1JtWDRzNkc1UXpYM01yclNvX0VRTGVlc2pzMlRRSGxMRTY2eC1mLUo3cW1YczlQUFdJLWMiLCJwYWdlVGl0bGUiOiJbV2ViaW5hcl06IEJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSIsInJlZmVycmVyIjoiaHR0cHM6Ly9ta3RvLXNqMTMwMTEyLmNvbS8ifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIyM2UzMGM5ZTY2YmY1NjExIiwic2NyaXB0SWQiOiI5bURucmR5WDBuZzFLWE12IiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS4zODFkZjRmZTVhNTZiYzUyLjE2NTgyNTQxNzU2OTAiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-89.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: fRSG61jr6VUoD0OH5J7J0rNuHUlE-YY2j9OFxrgGyK1fmc4Kx5r_Tw==

GET
H2 200 / Show response
settings.luckyorange.net/ 3 KB
2 KB 139ms
117ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&s=84276

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac71282491ce20bf0ec757d38766702d061c286bcf046ff91b076c80f1139c3e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://resources.perimeterx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BO4QdMJ1Lt7Ur%2BOnTIjdrCRKS8x%2BNCewErY3996y29IMV1OY%2FbMpK30suHr3tzYovFWo%2FyxsK1yToUl9d%2Fd0Exy9W8Ui9Ggvhgl6BYZVNfm7QPX4fUZ2k4p7z6v4LEnjw6v5mzIN7EDHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72d568b6ebafbbcd-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=368880343933228&ev=PageView&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&rl=https%3A%2F%2Fmkto-sj130112.com%2F&if=false&ts=1658254175845&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658254175844.1002056027&it=1658254175686&coo=false&exp=u0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 19 Jul 2022 18:09:35 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 101ms
99ms Preflight 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-16-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.perimeterx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 19 Jul 2022 18:09:35 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 100ms
100ms Preflight 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-16-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.perimeterx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 19 Jul 2022 18:09:35 GMT

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
740 B 115ms
115ms XHR
text/plain 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-16-35.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.013291
date: Tue, 19 Jul 2022 18:09:36 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: d6ae9644-6593-451b-a557-1d0c1d44841b

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
741 B 116ms
116ms XHR
text/plain 54.160.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.16.35 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-16-35.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.013830
date: Tue, 19 Jul 2022 18:09:36 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.perimeterx.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 65e2c6dc-dac0-4be2-8d94-1393a5eb4414

GET
H3 200 Z8dcIGkZOU8 Show response
www.youtube.com/embed/ Frame 5AC2 63 KB
26 KB 84ms
83ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1

Requested by

Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa458bfea228782224a6e595c8676bab2933e83c5271d1d0f7be84c5df14b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 19 Jul 2022 18:09:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b2a93cd2-f0be-4fc1-add0-5efcd43f9990.png
cdn.pathfactory.com/assets/10557/thumbnails/223901/ 27 KB
27 KB 454ms
421ms Image
image/png 52.222.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10557/thumbnails/223901/b2a93cd2-f0be-4fc1-add0-5efcd43f9990.png
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bd684ed0da0278e42aefd41e2d076a5faf8252731b57cf18f273fe135281e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 19 Jul 2022 18:09:37 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
last-modified: Mon, 28 Sep 2020 21:41:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "a233c05fbc043c924cedb64cea0d2f44"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 27290
x-amz-cf-id: 2EteOlHl3b4Ik3ybYc2eMCwNsYl8u_PSpZTGiqnmYJc8QKZ-4mfumg==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 62ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://resources.perimeterx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 06/09/2022 01:10:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "926c93d201fe51c8f351e858468980c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6a524c4fee4af879369f6dea54294667
accept-ranges: bytes
cf-ray: 72d568b7d97a0215-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame E2C7 287 KB
92 KB 140ms
70ms Script
application/javascript 65.9.54.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-23.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8

Request headers

Referer
Origin: https://resources.perimeterx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:48:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2542838
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
etag: W/"16e967413dfa0346be281513c77581b9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a970743f386cb7ff58c6ef8459b5f9e0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: O17mEjgl0O_KsKCXBi5wleHasqNCoVCIRrm_qLy0xOUyqgDrSozFZg==

GET
H3 200 www-player.css
www.youtube.com/s/player/9504bca9/ Frame 5AC2 340 KB
47 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b5f8724b8debef2315c69c6e86e6b2e73bdf0e98e0b4c93c9682dcc2193d328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47784
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:37:01 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/9504bca9/www-embed-player.vflset/ Frame 5AC2 306 KB
95 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39fdd945d57670f715bf4c29b019c7a1940c7bf2e22ce0e43a55972801d8bdb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96899
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:37:01 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/ Frame 5AC2 2 MB
564 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a1a43b8f1572eda37f2a92410d535475a6d96bb10982efc4914d757b8e17336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577886
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:40:39 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9504bca9/fetch-polyfill.vflset/ Frame 5AC2 9 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:37:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AC2 15 KB
16 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 3775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Jul 2023 17:06:41 GMT

POST
H3 200 collector Show response
sapi2003.botchk.net/api/v2/ 18 B
35 B 48ms
32ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5AC2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

45ms
29ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1380f89316ba0cc8fddfa3721f5795442da9a0db398bd97340688fbcdacf1bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5AC2 29 B
588 B 30ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:04:42 GMT
x-content-type-options: nosniff
age: 294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Jul 2022 18:19:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
14ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 19 Jul 2022 18:09:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5AC2 64 KB
30 KB 326ms
25ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79c06787e005b7b5ae1734bda68249e1bc8d12cb62ffe41c9b923adbb253cbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30360
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 5AC2 65 KB
21 KB 132ms
132ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

07d2d327e3f06dbd6bfa8eb9174ea0093399e8f900af82a59b5c141c29257d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220717.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21500
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 7NiKc6nqQhr5rjYVra_OuaNkVbB_QaCEaAcRg6BMbC8.js Show response
www.google.com/js/th/ Frame 5AC2 36 KB
14 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/7NiKc6nqQhr5rjYVra_OuaNkVbB_QaCEaAcRg6BMbC8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecd88a73a9ea421af9ae3615adafceb9a36455b07f41a08468071183a04c6c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 516943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:33:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/ Frame 5AC2 27 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f9902fea60725d0ce0e2fe992af8691b65d20dfe1d2132a12643c163adb9177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8107
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:40:39 GMT

GET
DATA 200
OK truncated
/ Frame 5AC2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQNsewWnzWiMq08QBSE-nrrTR77jWw_PhsJY5CvCw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5AC2 3 KB
3 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQNsewWnzWiMq08QBSE-nrrTR77jWw_PhsJY5CvCw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b8fb7519a9d2995223deea3ec1dee966cae4af0776e565d74f51ae399512569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 16:46:40 GMT
x-content-type-options: nosniff
age: 4976
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2855
x-xss-protection: 0
server: fife
etag: "v93"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Jul 2022 07:05:40 GMT

GET
DATA 200
OK truncated
/ Frame 5AC2 414 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b45aae6ef7af08f3ef232ac69fba8e6f6372d8858798049b1e44bf70d3f13d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 36ms
26ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=368880343933228&ev=Microdata&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&rl=https%3A%2F%2Fmkto-sj130112.com%2F&if=false&ts=1658254176365&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle%22%2C%22og%3Asite_name%22%3A%22PerimeterX%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.pathfactory.com%2Fassets%2F10557%2Fcontents%2F418937%2Fthumbnails%2F600x%2F0.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658254175844.1002056027&it=1658254175686&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5AC2 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?lTnpkA
Requested by: Host: resources.perimeterx.com
URL: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 5AC2 0
19 B 52ms
52ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=t3TkJIjPuWNbRtOW&el=embedded&ns=yt&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24220089%2C24221532%2C24222952%2C24226335%2C24238983%2C24241936%2C24245161%2C39321934&cl=461497679&seq=1&docid=Z8dcIGkZOU8&ei=YPPWYrazEenDx_APm-ya0Ag&event=streamingstats&plid=AAXkLGMgoOvJGQGK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZ8dcIGkZOU8%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D110%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.perimeterx.com%26widgetid%3D1&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220717.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.200:B,0.200:B&cmt=0.009:0.000,0.200:110.000&afs=0.200:251::i&vfs=0.200:247:247::r&view=0.200:1600:1200&bwe=0.200:130000&bat=0.200:1:1&vis=0.200:0&bh=0.200:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-YouTube-Client-Version: 1.20220717.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
X-YouTube-Ad-Signals: dt=1658254176145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5ednss.googlevideo.com/ Frame 5AC2 1 KB
2 KB 50ms
7ms Fetch
text/plain 2a00:1450:4001:6b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5ednss.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=4q&mm=31%2C26&mn=sn-4g5ednss%2Csn-aigl6ns6&ms=au%2Conr&mv=m&mvi=2&pl=49&initcwndbps=456250&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=video%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=27469814&dur=2312.960&lmt=1656621210041274&mt=1658253913&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgPlI3CRwbPwvsmHuYo1icLvO-Wc-5_LwnZnMX27lozbkCIEMMYfETC5uvH8TUVfnS5sXGdgvRaw8vvW0pMplrBCqD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAISRJTZJ8vIMUu7r1ib2u0PsOR3e-_gimdcU1VToo8JcAiEAovoabfi7L0nE3MTa35D59bfu_SbTg6vNZlbMi9US09A%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&range=0-8055&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6b::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8784d0564d4c893ec7b41b237427c3dbbda7e85f30caf931671f8a7bcc74b3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:36 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1146
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5ednss.googlevideo.com/ Frame 5AC2 1 KB
2 KB 49ms
8ms Fetch
text/plain 2a00:1450:4001:6b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5ednss.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&mh=4q&mm=31%2C26&mn=sn-4g5ednss%2Csn-aigl6ns6&ms=au%2Conr&mv=m&mvi=2&pl=49&initcwndbps=456250&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&mt=1658253913&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAISRJTZJ8vIMUu7r1ib2u0PsOR3e-_gimdcU1VToo8JcAiEAovoabfi7L0nE3MTa35D59bfu_SbTg6vNZlbMi9US09A%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&range=0-4302&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6b::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c892d9a6ae89d364dd120895d55b51327a63512286ba5dd8721905dd0646ea95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 18:09:36 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1069
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/ Frame 5AC2 119 KB
37 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13550bbdea9428d9d746c5285f744157b968443a413a6940fd820a515bae047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37789
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:41:10 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/ Frame 5AC2 65 KB
24 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f60cd557429c58c43ef6f1891266a3b38d868c5e8c454601d95768f7ab26183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24410
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:41:10 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/ Frame 5AC2 28 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8502cebd7314ef9a30d26c3ad84e2a3a8c4ff1c3fa5109071e22b7630a18f55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7807
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 00:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 23:41:10 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 5AC2 30 KB
5 KB 193ms
192ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a102286b7ada0f3b721de31a12bbb78ffb54bba0d5c8f26adcaa95c6e4efefa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220717.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4649
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 34ms
34ms Image
image/png 65.9.54.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-23.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 30 May 2022 21:38:12 GMT
via: 1.1 cb05e10ed4a973b87ff15498c30d269c.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 4307485
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: ARN54-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: IYkXGrzBHoPdptWtc5eCEs4s8wLw60MQgS33iwVHvJVnlGBBAxOEZw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
620 B 35ms
35ms Image
image/png 65.9.54.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-23.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 30 May 2022 21:38:12 GMT
via: 1.1 cb05e10ed4a973b87ff15498c30d269c.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 4307485
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: ARN54-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: ld1B8Q2RmmURHR0eY8Lz9IprXdGRJEj0qRP0fY2H38HAbc6Ls6Ed3A==

GET
H2 200 /
tr.lfeeder.com/ 43 B
292 B 40ms
39ms Image
image/gif 18.66.248.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=9mDnrdyX0ng1KXMv&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU3MjYxMDMyLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVM1Q1daRjUxSDIiXSwiZ2FDbGllbnRJZHMiOlsiMjA3MzUyNTk4OS4xNjU4MjU0MTc1Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTAuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9yZXNvdXJjZXMucGVyaW1ldGVyeC5jb20vbmV3cy13ZWItYXR0YWNrLWxpZmVjeWNsZS13ZWJpbmFyP3V0bV9zb3VyY2U9bWFya2V0byZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVyLWp1bHktMjAyMiZta3RfdG9rPU1EQXhMVlpLV0MweE1EUUFBQUdGdHBmSTg2ajd3UjE0YXJvc2RmZDVWVHlnX2QyWEdLdXp0ZUxleXkxSDBmWHNmaEFDOEdIVGJmX1JtWDRzNkc1UXpYM01yclNvX0VRTGVlc2pzMlRRSGxMRTY2eC1mLUo3cW1YczlQUFdJLWMiLCJwYWdlVGl0bGUiOiJbV2ViaW5hcl06IEJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSIsInJlZmVycmVyIjoiaHR0cHM6Ly9ta3RvLXNqMTMwMTEyLmNvbS8ifSwiZXZlbnQiOiJ2aWRlby1zdGFydCIsImNsaWVudEV2ZW50SWQiOiI0YTc5YTFiN2M4NTRjY2RkIiwic2NyaXB0SWQiOiI5bURucmR5WDBuZzFLWE12IiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS4zODFkZjRmZTVhNTZiYzUyLjE2NTgyNTQxNzU2OTAiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnsidmlkZW9VcmwiOiJodHRwczovL3d3dy55b3V0dWJlLmNvbS93YXRjaD92PVo4ZGNJR2taT1U4IiwidmlkZW9UaXRsZSI6IkJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSJ9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-89.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: Ev10OEUiDqunWbQTLSHeSCe1Jzm0_aOa0gx_0mtp9n7R5Ldwsu4F-A==

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 39ms
39ms Image
image/gif 18.66.248.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=9mDnrdyX0ng1KXMv&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU3MjYxMDMyLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVM1Q1daRjUxSDIiXSwiZ2FDbGllbnRJZHMiOlsiMjA3MzUyNTk4OS4xNjU4MjU0MTc1Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTAuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9yZXNvdXJjZXMucGVyaW1ldGVyeC5jb20vbmV3cy13ZWItYXR0YWNrLWxpZmVjeWNsZS13ZWJpbmFyP3V0bV9zb3VyY2U9bWFya2V0byZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1uZXdzbGV0dGVyLWp1bHktMjAyMiZta3RfdG9rPU1EQXhMVlpLV0MweE1EUUFBQUdGdHBmSTg2ajd3UjE0YXJvc2RmZDVWVHlnX2QyWEdLdXp0ZUxleXkxSDBmWHNmaEFDOEdIVGJmX1JtWDRzNkc1UXpYM01yclNvX0VRTGVlc2pzMlRRSGxMRTY2eC1mLUo3cW1YczlQUFdJLWMiLCJwYWdlVGl0bGUiOiJbV2ViaW5hcl06IEJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSIsInJlZmVycmVyIjoiaHR0cHM6Ly9ta3RvLXNqMTMwMTEyLmNvbS8ifSwiZXZlbnQiOiJ2aWRlby1zdGFydCIsImNsaWVudEV2ZW50SWQiOiI5ZGIyYTlkZWZhZmJhYTM2Iiwic2NyaXB0SWQiOiI5bURucmR5WDBuZzFLWE12IiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS4zODFkZjRmZTVhNTZiYzUyLjE2NTgyNTQxNzU2OTAiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnsidmlkZW9VcmwiOiJodHRwczovL3d3dy55b3V0dWJlLmNvbS93YXRjaD92PVo4ZGNJR2taT1U4IiwidmlkZW9UaXRsZSI6IkJyZWFraW5nIHRoZSBXZWIgQXR0YWNrIExpZmVjeWNsZSJ9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-89.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: yArzr_ZpLJ1rxNo9w76Qm4FxUQ2iwr9Nf1diTAerJGvoEPCTS-fYbw==

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dperimeterx.com%26pId%3d%24UID
https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800

0
242 B

344ms
343ms

Image
application/json

2600:9000:2251:4800:12:3734:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800
Protocol: H2
Server: 2600:9000:2251:4800:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
apigw-requestid: Vhr3LiUcIAMESdQ=
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/json
content-length: 0
x-amz-cf-id: 41m7AbrCYzKjcwly4fNWzpNPk-w8bV9rPpZdlslBHxKuL6fdMA1zwA==

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 18:09:36 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: be14c063-e418-4153-b296-20666e088373
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=perimeterx.com&pId=3716180566209168800
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 8 KB
8 KB 343ms
305ms Fetch
video/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=video%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=27469814&dur=2312.960&lmt=1656621210041274&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgPlI3CRwbPwvsmHuYo1icLvO-Wc-5_LwnZnMX27lozbkCIEMMYfETC5uvH8TUVfnS5sXGdgvRaw8vvW0pMplrBCqD&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANneZSgxs5CAUMzXlWaUWgHrTI5UW69bM3FvxvHP_CWzAiBBC2IGEdKFQyCQnJIeMa-JvWchaJdElx4v3gRJcIfXeg%3D%3D&range=0-8055&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fa717a26e9d98c7703c72aaf03e6aa15680019ac06dff38aac097b04e2d0db1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8056
client-protocol: quic
last-modified: Thu, 30 Jun 2022 20:33:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 4 KB
4 KB 44ms
7ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=0-4302&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

631b69aedb4853b3fd62c13a0346d508d0378f84e2bdf03711d5f353f5cd409b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4303
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=996492216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews-web-attack-lifecycle-webinar&el=25&_u=aDDAAEABQAAAAC~&jid=&gjid=&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=1705449086

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 14:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12899
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=996492216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews-web-attack-lifecycle-webinar&el=50&_u=aDDAAEABQAAAAC~&jid=&gjid=&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=1719962601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 14:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12899
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=996492216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews-web-attack-lifecycle-webinar&el=75&_u=aDDAAEABQAAAAC~&jid=&gjid=&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=365064108

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 14:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12899
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=996492216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews-web-attack-lifecycle-webinar&el=100&_u=aDDAAEABQAAAAC~&jid=&gjid=&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=22785813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 14:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12899
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 64 KB
64 KB 9ms
8ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=769751-835286&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cc05cc08305253f9b03f2f78828298914553c329930baa7690695e69977a369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5AC2 4 KB
3 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 AKedOLQNsewWnzWiMq08QBSE-nrrTR77jWw_PhsJY5CvCw=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5AC2 4 KB
4 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQNsewWnzWiMq08QBSE-nrrTR77jWw_PhsJY5CvCw=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3901afed0d9ca62a933e21c580d601d5fa046635a7c471034d78485359ab452f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:06:26 GMT
x-content-type-options: nosniff
age: 190
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4184
x-xss-protection: 0
server: fife
etag: "v93"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Jul 2022 10:05:11 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 64 KB
64 KB 21ms
21ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=835287-900822&rn=6&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6b972df7ef316b0108ec6081386804472c7e1dfc156fb731bf5db5a676d20f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 64 KB
64 KB 7ms
7ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=900823-966358&rn=7&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a027e34350954faad291010d595bf8d3d93c395f689681dca067690d82bbe5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 64 KB
64 KB 8ms
8ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=966359-1031894&rn=8&rbuf=4076

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c83ff3b23d9449b2b81516aadb59009c9673fc48b8d8c9093d931bbf7393f537

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/103/ Frame 5AC2 52 KB
15 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/103/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15123
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:04:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 19 Jul 2022 22:20:27 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5AC2 98 B
142 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44644fbe4888f48af6c76dc3b9c7db2be67193b72aab4a804232ac1ab914970c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 21ms
20ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 19 Jul 2022 18:09:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 136 KB
136 KB 14ms
13ms Fetch
audio/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nsz.googlevideo.com/videoplayback?expire=1658275776&ei=YPPWYrazEenDx_APm-ya0Ag&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2b6a%3A56a5%3Ac0e7&id=o-ANgUiKbuMWrE8hdixlV0wayfVbDld5zdiQFiZ6E2ICw_&itag=251&source=youtube&requiressl=yes&spc=lT-KhhViA6vI9dR3TwACwYyj67Y703E&vprv=1&mime=audio%2Fwebm&ns=fKdoVN3bi_YkUmmO-bY2UkAH&gir=yes&clen=30593180&dur=2313.001&lmt=1656623663212094&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=07kGaGzNrWs19w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMC8bTFHgbr9GN72aehUTSlRRibU7QGhQOZebhIpCCb7AiAIhla9bBy_4gLUBKeVSXfiXAm9Ii7evotZdu4aJ-HnOQ%3D%3D&alr=yes&cpn=t3TkJIjPuWNbRtOW&cver=1.20220717.00.00&redirect_counter=1&cm2rm=sn-4g5e667l&cms_redirect=yes&cmsv=e&mh=4q&mm=34&mn=sn-4g5e6nsz&ms=ltu&mt=1658254129&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSWIosAwBTov9UIdcmmGxEt6DRrPN3IZQ0biSs3LdoI8CIQCil8igLxTIDcaUyDq3PHHPSMqU8m1vmh6JxrcOCtUwog%3D%3D&range=1031895-1171418&rn=9&rbuf=8981

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2ff0ec760f0d658144fc48e4f7cb6bc329b026124245b5b208b8d596294d890e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139524
client-protocol: quic
last-modified: Thu, 30 Jun 2022 21:14:23 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 19 Jul 2022 18:09:36 GMT

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 55ms
54ms Stylesheet
text/css 65.9.54.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-23.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 16:48:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 2683244
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cb05e10ed4a973b87ff15498c30d269c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: oBLJmwrP8tqsxetWcK31KcpoUJXprtLj8KqkxPMqve_06h7ifgCmHw==

GET
BLOB 200
OK edd72b86-dc9b-442e-b98c-f98f96108f36
https://resources.perimeterx.com/ Frame E2C7 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://resources.perimeterx.com/edd72b86-dc9b-442e-b98c-f98f96108f36
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 243a8eb6-548e-4149-be6a-1d6d46b830b9
https://resources.perimeterx.com/ Frame E2C7 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://resources.perimeterx.com/243a8eb6-548e-4149-be6a-1d6d46b830b9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 31224

POST
H3 200 collector Show response
sapi2003.botchk.net/api/v2/ 453 B
471 B 110ms
110ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c790ceee84e49f3f5cd4ed6f50510d2af2411a75bd1f77ee527840b481085200

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453

POST
H3 200 collector Show response
sapi2003.botchk.net/api/v2/ 441 B
459 B 72ms
71ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: af693badb7dd30454d09ca16d9d5b5ec8876f82a6a0d9942bac1979ae909bb26

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 81 KB
81 KB 8ms
8ms Fetch
video/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ced3878b25d930a7910cd01b362f05f4b6923bfebcbf0fcc1d88fa7229d33f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82959
client-protocol: quic
last-modified: Thu, 30 Jun 2022 20:33:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 19 Jul 2022 18:09:37 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5e6nsz.googlevideo.com/ Frame 5AC2 280 KB
280 KB 7ms
6ms Fetch
video/webm 2a00:1450:4001:5f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

26e0a7d79a8fcba0e2ce478397a3f8c156be5df102fd6eb81f5e72e7523581f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286529
client-protocol: quic
last-modified: Thu, 30 Jun 2022 20:33:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Tue, 19 Jul 2022 18:09:37 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 5AC2 0
17 B 16ms
15ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=t3TkJIjPuWNbRtOW&ver=2&cmt=110&fmt=247&fs=0&rt=1.611&euri=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-j&lact=1635&cl=461497679&mos=1&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220717.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=2313.001&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24220089%2C24221532%2C24222952%2C24226335%2C24238983%2C24241936%2C24245161%2C39321934&rtn=11&afmt=251&size=1600%3A1200&inview=0&muted=1&docid=Z8dcIGkZOU8&ei=YPPWYrazEenDx_APm-ya0Ag&plid=AAXkLGMgoOvJGQGK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZ8dcIGkZOU8%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D110%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.perimeterx.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdCYzgxRzJUTTUwXy1ELVBSZHZlV01oZDhLaHRkR01QT2lVUFc1bUlsVlU0d2JXQVBta0tETFhPS2NWLTFKeVoyVmx3SzdTN1JlV0Q0eTNnd0dnQVctWXMtTHg0dERHcjVobjdfWWlISVFHNUdaSG1FbTlYM3E4ZnU1REdVc2xjRzR2NTlF

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-YouTube-Client-Version: 1.20220717.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
X-YouTube-Ad-Signals: dt=1658254176145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 5AC2 0
19 B 25ms
25ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=Z8dcIGkZOU8&cpn=t3TkJIjPuWNbRtOW&ei=YPPWYrazEenDx_APm-ya0Ag&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-YouTube-Client-Version: 1.20220717.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
X-YouTube-Ad-Signals: dt=1658254176145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5AC2 28 B
54 B 24ms
23ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-YouTube-Client-Version: 1.20220717.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
X-YouTube-Ad-Signals: dt=1658254176145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:37 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5CWZF51H2&gtm=2oe7i0&_p=996492216&_z=ccd.v9B&cid=2073525989.1658254175&ul=en-us&sr=1600x1200&_s=2&sid=1658254175&sct=1&seg=0&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&en=scroll&epn.percent_scrolled=90&_et=46
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.perimeterx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5CWZF51H2&gtm=2oe7i0&_p=996492216&_z=ccd.v9B&cid=2073525989.1658254175&ul=en-us&sr=1600x1200&_s=3&sid=1658254175&sct=1&seg=0&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&en=video-play&_c=1&_et=2517
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 18:09:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.perimeterx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=996492216&t=event&ni=0&_s=1&dl=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=%5BWebinar%5D%3A%20Breaking%20the%20Web%20Attack%20Lifecycle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=start&el=Breaking%20the%20Web%20Attack%20Lifecycle&_u=aDDAAEABQAAAAC~&jid=&gjid=&cid=2073525989.1658254175&tid=UA-57261032-1&_gid=903963447.1658254175&gtm=2wg7i0NQ65KGZ&cd5=news%20web%20attack%20lifecycle%20webinar&cd8=resources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&cd10=null&cd11=null&cd12=null&z=557375476

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 14:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12900
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p Show response
b.px-cdn.net/api/v1/PX2003/d/ 3 B
19 B 29ms
20ms XHR
application/json 34.149.125.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.px-cdn.net/api/v1/PX2003/d/p
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.125.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.125.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data; boundary=----------------j6x3tl1gheplg0mh

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
via: 1.1 google
access-control-allow-headers: authorization
access-control-allow-methods: HEAD,GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5AC2 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9504bca9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Z8dcIGkZOU8?autoplay=true&cc_load_policy=0&rel=0&start=110&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.perimeterx.com&widgetid=1
X-YouTube-Client-Version: 1.20220717.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQT3B5d3lZeWdVcyjf5tuWBg%3D%3D
X-YouTube-Ad-Signals: dt=1658254176070&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 19 Jul 2022 18:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 19 Jul 2022 18:09:38 GMT

POST
H3 200 collector Show response
sapi2003.botchk.net/api/v2/ 441 B
459 B 58ms
57ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b4a19e331d262d89c4b21997b449c6a599810219b7f95fa64ffba5f7fb3c9ce9

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:37 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441

POST
H3 200 collector Show response
sapi2003.botchk.net/api/v2/ 441 B
459 B 24ms
24ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi2003.botchk.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX2003/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2560a182b75599fa59152524697cd4557773293986aa93be2a0fd5be8428d6bd

Request headers

Referer: https://resources.perimeterx.com/news-web-attack-lifecycle-webinar?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-july-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Jul 2022 18:09:40 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.perimeterx.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mkto-sj130112.com/	1970-01-20 04:37:35	Name: __cf_bm Value: K75vhIWQL4GpdXksjHsyX.MNiPMA.kluS8ZRVGiltSc-1658254174-0-ARCRNDTJksnpQRLt/OfMBz+E5yDxHu8UxR2pYr9Rwit/CR6iB2v5bNP89F46hE5sBumZxJCetxULBr3poqt/NJo=
.perimeterx.com/	1970-01-20 22:08:46	Name: vid Value: 77e79a7f-a92d-4643-9de8-7acad75b81ea
resources.perimeterx.com/	1970-01-20 22:10:12	Name: _session_id Value: U0x0UzRaZlF4WkR6WXkrMkdTMzRuSHhud2JDN1hZWWtQTzJQSVhmb1RSZHAvSmsvZ3hKdlhLL2grNnpLUHcybmQzcjFLL3BkZUtjY0JzT3BqVEFncUZwUjJ2YUl6K0RZL3ZtK1ZwNEpSQ3VDS2ExUkFMZWZmdHhDSkwyclpJK1E2cWY5RkxnaGQvZHhTTFJOOGc1QnlubjhEdVBEQUkwV3R5OFJ5cnAzekM2UFdXOVNudzcwUnFURjgxYmRvSmF0OXNUUlR0M3QvN3VnNUg3Z0Y2RVIxNWZGSGdaWTBTZXQ0VTJCM0tTQm41emYzRkRCdVd0MFcwWmEyN3BXVFJ2QnB0a2lPdS9xUDlXb0lPT2dlSFZQQ0treGFIN1A2dGhQMHFIb1NicmNHaWs9LS13OG42TUVRbkVLU2NBb1ExZklmWldBPT0%3D--f0018288fadd95ee6ba9922c5529fd820a5c580f
.perimeterx.com/	1970-01-20 13:23:10	Name: _px_uAB Value: MTMzN3xmYWxzZQ==
.perimeterx.com/	1970-01-20 22:08:46	Name: _mkto_trk Value: id:001-VJX-104&token:_mch-perimeterx.com-1658254175294-16445
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7PZ7beqVwqM
.youtube.com/	1970-01-20 08:56:46	Name: VISITOR_INFO1_LIVE Value: POpywyYygUs
resources.perimeterx.com/	1969-12-31 23:59:59	Name: pxcts Value: f22b034d-078d-11ed-ba62-6e796f78764f
resources.perimeterx.com/	1970-01-20 13:23:10	Name: _pxvid Value: f22af8dd-078d-11ed-ba62-6e796f78764f
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_bdd Value: 1000
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_idp_c Value: 1,s
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_idp_p Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_cl Value: 888
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_scs Value: 1,WOWMAN
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_wow Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_ww Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_af_wp Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_af_sp Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_af_cd Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_af_rf Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_af_se Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_gqlr Value: 1
resources.perimeterx.com/	1970-01-20 04:37:34	Name: _pxff_rid Value: 9715777812338345693
.perimeterx.com/	1970-01-20 13:24:36	Name: __pxvid Value: f23b8559-078d-11ed-a5d8-0242ac120003
tracking.g2crowd.com/	1970-01-20 04:57:43	Name: _session_id Value: 40c095d03f7ca7a778523a3cbdecc3b6
.g2crowd.com/	1970-01-20 04:37:35	Name: __cf_bm Value: zcSZc.qWXgoaKdhZuS8XW5kfZfWAaKx5FnEZDGSzbFg-1658254175-0-AZBGOwyNcwR9EMeNrWxCe0GLz7d7ihKs/NY12deNKyD9Nf/aGVUBcgXN7plbxyTvbWCHF/1CytS6gDJDSbJLE9s=
.perimeterx.com/	1970-01-20 22:08:46	Name: _ga Value: GA1.2.2073525989.1658254175
.perimeterx.com/	1970-01-20 04:39:00	Name: _gid Value: GA1.2.903963447.1658254175
.perimeterx.com/	1970-01-20 04:37:34	Name: _gat_UA-57261032-1 Value: 1
.bidr.io/	1970-01-20 14:06:07	Name: bito Value: AACk907FrecAAEgEvYZ5VA
.bidr.io/	1970-01-20 14:06:07	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 05:20:46	Name: UserMatchHistory Value: AQLRttHmdYMaPwAAAYIXpqzv9esMtyzYK4IcfEUezLYgdM2wy-wWP8C2x9jYbE0cGTgIRZTOaqXX_Q
.linkedin.com/	1970-01-20 05:20:46	Name: AnalyticsSyncHistory Value: AQIdZHC5O8BwHAAAAYIXpqzwEQ6QxAMgyH38ayWojWEnackb_33LBIjNGsDBlj4W778A__Jvmo0yTARwv-z1FQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:09:28	Name: bcookie Value: "v=2&7252bb60-39c6-4c42-8bfb-e3b28c173274"
.linkedin.com/	1970-01-20 04:39:00	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2714:u=1:x=1:i=1658254175:t=1658340575:v=2:sig=AQEbK82DG-FKT6ypr-8nyKu9QXiTBG6L"
.adnxs.com/	1970-01-20 06:47:10	Name: uuid2 Value: 3716180566209168800
.perimeterx.com/	1970-01-20 22:08:46	Name: _lfa Value: LF1.1.381df4fe5a56bc52.1658254175690
.perimeterx.com/	1970-01-20 13:23:10	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Jul+19+2022+18%3A09%3A35+GMT%2B0000+(GMT)&version=6.14.0&hosts=&consentId=a2497f71-20ff-4010-83be-3d03313faed7&interactionCount=0&landingPath=https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c&groups=C0004%3A1%2CC0003%3A1%2CBG16%3A1%2CC0001%3A1%2CC0002%3A1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:09:28	Name: bscookie Value: "v=1&202207191809355bda184f-d852-41c3-83bf-1ff0e650f575AQH1vfTaGH_ziPWMKlR7pqOLigKwSoQS"
.linkedin.com/	1970-01-20 22:05:30	Name: li_gc Value: MTswOzE2NTgyNTQxNzU7MjswMjGGXn94NvScb8vDnd+t01F7bXEg4aVgXTA+28QwduAL1g==
.perimeterx.com/	1970-01-20 06:47:10	Name: _fbp Value: fb.1.1658254175844.1002056027
.facebook.com/	1970-01-20 06:47:10	Name: fr Value: 0PHEWKfd2AMO5jCel..Bi1vNf...1.0.Bi1vNf.
jukebox.pathfactory.com/	1970-01-20 22:10:12	Name: _session_id Value: RGZjSUJYcnJSSnJtM2orcnVLaEgwZDk5NktkSjlFMWJ3bWRpNnltMElxRmZQWFhTTUo5ZVNVRGxGcHNlVk9rWjlZUUI4em1OMkRJS0FQRGZhVmZkeXFmTFpYOWJaTFF4U0d3M3p6c09iWjNzTENDYTE1OWY1NEVoQTlCR0V3ZE1EMjgxWG5WZUJrMHBHRHQvYVdYWWE1RVVidzV4VVNudHhENjZ2ajVuaXFJZGVEUktuajR6WktOOG9PL3BUTWwzLS1DSnVXNXZ4aEZvV2YvbFFHWno1blRnPT0%3D--11eb9f5e485ac6b6b11debd128b442bbbe9d031f
.perimeterx.com/	1970-01-20 08:56:46	Name: __lotr Value: https%3A%2F%2Fmkto-sj130112.com%2F
.perimeterx.com/	1970-01-20 22:08:46	Name: _px_f394gi7Fvmc43dfg_user_id Value: ZjJlMTU0MzAtMDc4ZC0xMWVkLTk0MWItNTNmYWMwNGMzOTk2
.perimeterx.com/	1970-01-20 22:08:46	Name: _lo_uid Value: 84276-1658254175885-56130f793f11d62e
.perimeterx.com/	1970-01-20 04:37:34	Name: _lorid Value: 84276-1658254175885-d8a81b63cc92dc56
.perimeterx.com/	1970-01-20 13:23:10	Name: _lo_v Value: 1
.perimeterx.com/	1970-01-20 08:56:46	Name: __lotl Value: https%3A%2F%2Fresources.perimeterx.com%2Fnews-web-attack-lifecycle-webinar%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-july-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGFtpfI86j7wR14arosdfd5VTyg_d2XGKuzteLeyy1H0fXsfhAC8GHTbf_RmX4s6G5QzX3MrrSo_EQLeesjs2TQHlLE66x-f-J7qmXs9PPWI-c
.perimeterx.com/	1970-01-20 22:08:46	Name: _ga_S5CWZF51H2 Value: GS1.1.1658254175.1.0.1658254177.0
resources.perimeterx.com/	1970-01-20 04:40:26	Name: _px Value: j99MyT54C0Lc3Qrr4MDKN402+q3P4+jThO72NxTXHzl6VWBHRiObfeuPjoGd4IB+68R30ls3+oHiORu4Yq9FGg==:1000:nuOeQ3H0l5E3W6fEtkgNTbeLNOG8zvhr6VQDCuTco+31TkRGSw/Q4p84DpHvS9KakMaJtqpCYxO11LRkW0IjELjAGZLqLlF9f5qNaEQxQ5oRct8+PMOM+NpmVF8HuUXj90gi+ynr/cuKwz50XObT3G7OaCF+6sF0/skuj+sXlmzNFTgNr+K0TWWwPeQO8lUuPWl39K3Tm/x+7Kx/b45pjTzWCurOl45+CK++D2RUrSp5mZ0JbgA9rpRujFL0K9stSgI6c7rLhHS5ed9bdQkgnA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGFtpfI88yQvcpiEoMS2iJdfXeigadmpUywF-KasYl-7df-c4gOBQeBzMD1EY3I-H2Ub99Mscg= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-7gATEegg3VTRESOJbybpRIwne+efofUiCV0GCsx+do8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

001-vjx-104.mktoresp.com
app.cdn.lookbookhq.com
attr.ml-api.io
b.px-cdn.net
cdn-app.pathfactory.com
cdn.cookielaw.org
cdn.pathfactory.com
client.px-cloud.net
cnv.event.prod.bidr.io
connect.facebook.net
d.adroll.com
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
jukebox.pathfactory.com
lftracker.leadfeeder.com
maxcdn.bootstrapcdn.com
mkto-sj130112.com
munchkin.marketo.net
overpass-30e2.kxcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
resources.perimeterx.com
rr2---sn-4g5ednss.googlevideo.com
rr5---sn-4g5e6nsz.googlevideo.com
s.adroll.com
s.ml-attr.com
sapi2003.botchk.net
secure.adnxs.com
settings.luckyorange.net
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
tr.lfeeder.com
tracking.g2crowd.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.17.74.206
104.26.11.16
13.107.43.14
13.32.99.30
13.32.99.6
18.66.248.89
192.28.147.68
2001:4860:4802:32::36
23.205.237.4
2600:9000:224a:7800:6:9280:1080:93a1
2600:9000:2251:4800:12:3734:2a40:93a1
2606:4700:4400::6812:2437
2606:4700::6810:9540
2606:4700::6812:bcf
2620:1ec:22::14
2a00:1450:4001:5f::a
2a00:1450:4001:6b::7
2a00:1450:4001:802::200e
2a00:1450:4001:808::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a02:26f0:480:f::213:7edd
2a02:26f0:ef::5c7b:c2a4
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a0b:4d07:102::1
34.149.125.36
35.186.220.184
37.252.173.62
52.18.233.217
52.222.214.117
54.160.16.35
54.220.8.206
54.85.164.109
65.9.54.23
68.67.153.60
03a1eed13a551b30fa4bfd065eead271496a92c41e4f562e6627d37f55ee00b9
07d2d327e3f06dbd6bfa8eb9174ea0093399e8f900af82a59b5c141c29257d89
1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1380f89316ba0cc8fddfa3721f5795442da9a0db398bd97340688fbcdacf1bbc
139fc90823b96a757bba2c141df7fa3811af648b70cd294723a3dbb47cb13b1c
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
16a0341f59c51cf94081a5aa329a35dab0b502812db5dfafccfdec65c457a49c
1b4c7a9a15d35b15529458a9ddcdb7f8bb7e4d5e30995e4ee7fbbcf7d2e9e4e8
20f73bc7302a48f92cc74f62598a5ad67a447f9e6c591fd653f1c89af4a5213c
2560a182b75599fa59152524697cd4557773293986aa93be2a0fd5be8428d6bd
26e0a7d79a8fcba0e2ce478397a3f8c156be5df102fd6eb81f5e72e7523581f4
28e696f1e4297a65c928a3c82a163d9eacba8bea8725beea0b8aa2470dc88248
2bd684ed0da0278e42aefd41e2d076a5faf8252731b57cf18f273fe135281e31
2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110
2ff0ec760f0d658144fc48e4f7cb6bc329b026124245b5b208b8d596294d890e
34a4308c13521dc3cb126e7d33fce9d16dfd4cb1c8b7878f6bcc05e664f1c180
3901afed0d9ca62a933e21c580d601d5fa046635a7c471034d78485359ab452f
390aca4ba708128182c4802df7c4a1d3a85566b96bf2542caa3b4ea1f1507c1a
39fdd945d57670f715bf4c29b019c7a1940c7bf2e22ce0e43a55972801d8bdb0
3b5f8724b8debef2315c69c6e86e6b2e73bdf0e98e0b4c93c9682dcc2193d328
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
4446e54d7bd0f4dbad541c2fcf0778d5fad8278020999a1a9c1f47838310c67b
44644fbe4888f48af6c76dc3b9c7db2be67193b72aab4a804232ac1ab914970c
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
631b69aedb4853b3fd62c13a0346d508d0378f84e2bdf03711d5f353f5cd409b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68b45aae6ef7af08f3ef232ac69fba8e6f6372d8858798049b1e44bf70d3f13d
6aa458bfea228782224a6e595c8676bab2933e83c5271d1d0f7be84c5df14b61
6b972df7ef316b0108ec6081386804472c7e1dfc156fb731bf5db5a676d20f78
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f316092b8641043bd5753a91dcc8e97c2af38921b03247dc12c5e81a8e33b75
6f9902fea60725d0ce0e2fe992af8691b65d20dfe1d2132a12643c163adb9177
72ecb0f825bbb193c2a16a72863c35c7c8d1bb3657677f8c9a58cef5f054f80d
79c06787e005b7b5ae1734bda68249e1bc8d12cb62ffe41c9b923adbb253cbe8
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8502cebd7314ef9a30d26c3ad84e2a3a8c4ff1c3fa5109071e22b7630a18f55c
868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b
8784d0564d4c893ec7b41b237427c3dbbda7e85f30caf931671f8a7bcc74b3e8
8b8fb7519a9d2995223deea3ec1dee966cae4af0776e565d74f51ae399512569
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8f60cd557429c58c43ef6f1891266a3b38d868c5e8c454601d95768f7ab26183
92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8
93f2e0ec5bdac100d5c45192320aeae54aefd4e34064773d281ccad99ca2777a
95744cdc4c47da8dd92131b9988d6fd95f8d50c9494b90fae73d164aae40be28
98260df4f292209f6b77f38b6b7a8cca022ebc996ac489ed984a351ebc306df4
9a1a43b8f1572eda37f2a92410d535475a6d96bb10982efc4914d757b8e17336
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
a027e34350954faad291010d595bf8d3d93c395f689681dca067690d82bbe5c5
a102286b7ada0f3b721de31a12bbb78ffb54bba0d5c8f26adcaa95c6e4efefa3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f
ac71282491ce20bf0ec757d38766702d061c286bcf046ff91b076c80f1139c3e
af693badb7dd30454d09ca16d9d5b5ec8876f82a6a0d9942bac1979ae909bb26
b02b20ba6ecbfd77a7b5951a906f6b9e230a607e2bd7002ae7ea79fcd7fdc1a3
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25e835722ffbec8ab733d999dc194aa9ef7fcf00edc594e453f2823e0c65fb9
b4a19e331d262d89c4b21997b449c6a599810219b7f95fa64ffba5f7fb3c9ce9
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c0da1fc9c1b23d76d5b0f9d3154f4141b30a6926b68523c37ec483dd0200945a
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c790ceee84e49f3f5cd4ed6f50510d2af2411a75bd1f77ee527840b481085200
c83ff3b23d9449b2b81516aadb59009c9673fc48b8d8c9093d931bbf7393f537
c892d9a6ae89d364dd120895d55b51327a63512286ba5dd8721905dd0646ea95
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc05cc08305253f9b03f2f78828298914553c329930baa7690695e69977a369a
ced3878b25d930a7910cd01b362f05f4b6923bfebcbf0fcc1d88fa7229d33f04
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa
ec3783a450dbbff3e5c15673dc8ff4348cb71b818c43c18cb8e19bbe236c45fc
ecd88a73a9ea421af9ae3615adafceb9a36455b07f41a08468071183a04c6c2f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13550bbdea9428d9d746c5285f744157b968443a413a6940fd820a515bae047
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa717a26e9d98c7703c72aaf03e6aa15680019ac06dff38aac097b04e2d0db1a
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fe3cdb6342633b630a1636d3a83f1beb1aa5a9404078a93618f3235f4d609f6c

resources.perimeterx.com Open in urlscan Pro 54.85.164.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

93 %HTTPS

60 %IPv6

36 Domains

47 Subdomains

43 IPs

6 Countries

3216 kBTransfer

9171 kBSize

53 Cookies

2 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

resources.perimeterx.com Open in urlscan Pro
54.85.164.109 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

93 %
HTTPS

60 %
IPv6

36
Domains

47
Subdomains

43
IPs

6
Countries

3216 kB
Transfer

9171 kB
Size

53
Cookies

123 HTTP transactions
3 data transactions