URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive...
Submission: On November 01 via api from US — Scanned from FR

Summary

This website contacted 11 IPs in 6 countries across 10 domains to perform 83 HTTP transactions. The main IP is 35.181.189.227, located in Paris, France and belongs to AMAZON-02, US. The main domain is docs-cortex.paloaltonetworks.com. The Cisco Umbrella rank of the primary domain is 620512.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 1st 2024. Valid for: a year.
This is the only time docs-cortex.paloaltonetworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
65 35.181.189.227 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a04:4e42::485 54113 (FASTLY)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2 34.251.39.134 16509 (AMAZON-02)
1 3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
2 63.140.62.17 16509 (AMAZON-02)
1 216.239.34.36 15169 (GOOGLE)
83 11
Apex Domain
Subdomains
Transfer
67 paloaltonetworks.com
docs-cortex.paloaltonetworks.com — Cisco Umbrella Rank: 620512
sstats.paloaltonetworks.com — Cisco Umbrella Rank: 147388
3 MB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
168 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
374 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
36 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
60 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 23630
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
565 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
83 10
Domain Requested by
65 docs-cortex.paloaltonetworks.com docs-cortex.paloaltonetworks.com
3 region1.google-analytics.com 1 redirects docs-cortex.paloaltonetworks.com
www.googletagmanager.com
3 cdn.jsdelivr.net docs-cortex.paloaltonetworks.com
3 www.googletagmanager.com docs-cortex.paloaltonetworks.com
www.googletagmanager.com
assets.adobedtm.com
2 sstats.paloaltonetworks.com assets.adobedtm.com
2 dpm.demdex.net 1 redirects docs-cortex.paloaltonetworks.com
2 cdnjs.cloudflare.com docs-cortex.paloaltonetworks.com
2 assets.adobedtm.com docs-cortex.paloaltonetworks.com
assets.adobedtm.com
1 www.google.fr docs-cortex.paloaltonetworks.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
83 11
Subject Issuer Validity Valid
docs-cortex.paloaltonetworks.com
Go Daddy Secure Certificate Authority - G2
2024-08-01 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-09 -
2025-08-09
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.fr
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
sstats.paloaltonetworks.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-20 -
2025-08-20
a year crt.sh

This page contains 2 frames:

Primary Page: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Frame ID: 90C6A15835640AFD04D4C9023D316EF7
Requests: 82 HTTP requests in this frame

Frame: https://docs-cortex.paloaltonetworks.com/fluidtopicsclient-hostframe.html
Frame ID: 2AA9AF161476EDFB0BF8C367ED1B4180
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Suspicious Azure AD interactive sign-in using PowerShell • Cortex XDR Analytics Alert Reference by data source • Reader • Palo Alto Networks documentation portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

83
Requests

98 %
HTTPS

45 %
IPv6

10
Domains

11
Subdomains

11
IPs

6
Countries

3218 kB
Transfer

8412 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011
Request Chain 34
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-N73Y2HZ540&gtm=45je4au0v895757107za200&_p=1730476635862&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1678028459.1730476636&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730476636&sct=1&seg=0&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%2Fr%2FCortex-XDR%2FCortex-XDR-Analytics-Alert-Reference-by-data-source%2FSuspicious-Azure-AD-interactive-sign-in-using-PowerShell&dt=Palo%20Alto%20Networks%20documentation%20portal&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1&tfd=422 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1678028459.1730476636&dbk=16506000716202251635&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4au0v895757107za200&npa=1&tid=G-N73Y2HZ540&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%3F

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/
5 KB
2 KB
Document
General
Full URL
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
0d6e771550f681cb6d515faed94a0e7bbbacbab427da67fe489a3591294f1965
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-US
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
content-type
text/html;charset=UTF-8
date
Fri, 01 Nov 2024 15:57:15 GMT
front
front04 vtr
ft-called-app
ft/server
ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
referrer-policy
same-origin
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options
nosniff
bootstrap.css
docs-cortex.paloaltonetworks.com/stylesheets/
411 B
1 KB
Stylesheet
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/bootstrap.css?v=710a2d51
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
a3bd8a5fbab0ef0e6e25929125c868c3f45a73ef8c6ac482d38a2b200958fc7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"408843807be1c2908875469b9871b02b-gzip"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/css;charset=UTF-8
vary
Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?bootstrap.css?="; filename*=UTF-8''bootstrap.css
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
250
server
Apache
fluidtopicsclient.css
docs-cortex.paloaltonetworks.com/stylesheets/
255 KB
36 KB
Stylesheet
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/fluidtopicsclient.css?v=93b9eca9
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
0e6779ccdf9469e07c05b11645df5dbd1400422d83b44f9b200e378598abfd79
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"39631de0835ada8633ec3b974df2b835"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/css;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?fluidtopicsclient.css?="; filename*=UTF-8''fluidtopicsclient.css
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
customizations.css
docs-cortex.paloaltonetworks.com/stylesheets/
37 KB
9 KB
Stylesheet
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
b0a29e4b188e69af208c3c7c385f08841939309135738139001d0d8d8e8239c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"e02c9195724fc76dda8963dde94157f2"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/css;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?fluidtopicsclient.css?="; filename*=UTF-8''fluidtopicsclient.css
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
bootstrap.js
docs-cortex.paloaltonetworks.com/scripts/
7 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/bootstrap.js?v=7b9ef4eb
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
9680ad8fdbafcaeab57beb287a748a04684f9cdab35e6613cd6af76450039bf9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"7b9ef4eb84d52a1617b88598b115cf7c"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?bootstrap.js?="; filename*=UTF-8''bootstrap.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
fluidtopics.min.js
docs-cortex.paloaltonetworks.com/scripts/
38 KB
12 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/fluidtopics.min.js?v=2d10a03c
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
dbe442147f0580066888e2c46c66e30994596fc22660322c631478569ba9e8bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"2d10a03c9967eaef44cd0f0708ca3a62"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?fluidtopics.min.js?="; filename*=UTF-8''fluidtopics.min.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
fluidtopicsclient.nocache.js
docs-cortex.paloaltonetworks.com/
7 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/fluidtopicsclient.nocache.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
a559f0aff0b836b809200466cbda71650e4be84096403bc45743af926769ac61
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
ft-app-context-dependencies.js
docs-cortex.paloaltonetworks.com/scripts/
365 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
42137474d5d65467208b97d5bcc00886973c8988f6a8ed76aad830fb8bec3c3e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"5c2c90478a61138185d734adb03e2975"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-app-context-dependencies.js?="; filename*=UTF-8''ft-app-context-dependencies.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
365
server
Apache
splash-image
docs-cortex.paloaltonetworks.com/internal/api/webapp/
49 KB
50 KB
Image
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/splash-image?v=a983c1bb
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
7ad2857c3d6e7b46809b047d6ddff91fc69c46d7c2cb2765318f7217fe01a3f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"a983c1bb20f056a541c72385525c1d86"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
image/gif
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-splash-image.gif?="; filename*=UTF-8''ft-splash-image.gif
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
49759
server
Apache
logo
docs-cortex.paloaltonetworks.com/internal/api/webapp/header/
13 KB
14 KB
Image
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/header/logo?v=e40f9d56
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
7d69173387c71113b4ec88e5931b1302132ed2b0f1168408cf9bb13825fcf5d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"e40f9d56e9e510ba7da5b8da1c6af4f9"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
image/png
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-header-logo.png?="; filename*=UTF-8''ft-header-logo.png
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
13318
server
Apache
js
www.googletagmanager.com/gtag/
326 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N73Y2HZ540
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b13da21313aadf8177e8ce40d6661de3ee57cf68b508bbd91f28a68340baa03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 15:57:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109864
x-xss-protection
0
server
Google Tag Manager
launch-4c3207301e79.min.js
assets.adobedtm.com/9273d4aedcd2/fde2d38db50b/
159 KB
48 KB
Script
General
Full URL
https://assets.adobedtm.com/9273d4aedcd2/fde2d38db50b/launch-4c3207301e79.min.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:796::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f10e5cce9564ea3de170bbc1cdd6d978fb5f30f80842c9a420d47e53cab2b83a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"b3857718a3641160b5366b33ca370548:1728699819.311329"
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:57:15 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
48631
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/x-javascript
last-modified
Sat, 12 Oct 2024 02:23:39 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
custom.js
docs-cortex.paloaltonetworks.com/scripts/
27 KB
9 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
4bd7fadf144474144398a48a5805048b7a852071e7c8a6a97d717f6840cc4e91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"d0af844845fb72a4480bb94bf86fe435"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?custom.js?="; filename*=UTF-8''custom.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
64085CAD2D2F85602A7A4183CDD9E704.cache.js
docs-cortex.paloaltonetworks.com/
994 KB
262 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/64085CAD2D2F85602A7A4183CDD9E704.cache.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/fluidtopicsclient.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
ae7da493b155941ec365fd77d3ce0a89093d5319d7ab023294de73604d350b9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
build-tiles-paloalto.js
docs-cortex.paloaltonetworks.com/public/
4 KB
2 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/public/build-tiles-paloalto.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
000044f7bce00bd60ce7771db3792f2cef371ad82f8de3d3b3580cbfeea71eed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"0fb9901ffb1e18b533dd93b04a534bae"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?build-tiles-paloalto.js?="; filename*=UTF-8''build-tiles-paloalto.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
ft-text-field.min.js
cdn.jsdelivr.net/npm/@fluid-topics/ft-text-field/build/
261 KB
57 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fluid-topics/ft-text-field/build/ft-text-field.min.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1194abf9263e1a85d7d68b8540fcf65e12ce7ee4393dc711005c59b4c5b465d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"4141c-B0wAERzp1ijVfOnkPeGyLnz2Mto"
age
26227
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220038-FRA, cache-lcy-eglc8600078-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
57424
x-jsd-version
1.1.79
ft-button.min.js
cdn.jsdelivr.net/npm/@fluid-topics/ft-button/build/
264 KB
57 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fluid-topics/ft-button/build/ft-button.min.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6186b9280b26f6988363a9d8678a9964914497a2b4f5c4a3a14d6ee319f285db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"420b0-eUynmArKJFAYv1X5oeFgA40rsRY"
age
1999
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230151-FRA, cache-lcy-eglc8600078-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
57736
x-jsd-version
1.1.80
ft-text-area.min.js
cdn.jsdelivr.net/npm/@fluid-topics/ft-text-area/build/
256 KB
55 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fluid-topics/ft-text-area/build/ft-text-area.min.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
238458268c54845c86f9b830a26b4a8ade5e235b3220c6119e2693c6907b5434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"400cb-dHJb7cPw3DlS2I8+nnx461flsa8"
age
18218
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230045-FRA, cache-lcy-eglc8600078-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
56554
x-jsd-version
1.1.79
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/11.6.0/
118 KB
35 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.6.0/highlight.min.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2fda3419c4ae8f6d911e676c65db38a8bfa347324b01160065c6d3195586d09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"62cef443-8ad3"
age
2519626
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BytsSaGpUdOVawh683LaY6wmc0IzDSol1w1BzC8j5KVwQjVVZ99o1sNhQmXWTcfWf68mo12nL0a4tvRANcyMUaMfvsADsFZQXzTpI%2BhWhMnTgSRGbQXfo2OIxFdptZimpNGvI2G"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 15:57:15 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 13 Jul 2022 16:35:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dbd145e69816f06-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
35539
server
cloudflare
default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/11.6.0/styles/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.6.0/styles/default.min.css
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/scripts/custom.js?v=d0af8448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"62cef443-1b7"
age
143292
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMMXj%2F%2Fuu6OAyNqXzEyUgG24Vb5NWYmirogaBQECaJWLoeJZMot1vxn4PxxsSYGrjnZ6N%2FKd2O8u5%2B4H9ykxJAcMRvUpYY3jkPfDAS%2B0t41uyoYY4NXsnGkS9%2FO6Jf%2BlqT5%2BpNtG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 15:57:15 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 13 Jul 2022 16:35:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dbd145e59796f06-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
439
server
cloudflare
chunk-BYDMYU6C.js
docs-cortex.paloaltonetworks.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-BYDMYU6C.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
74d6cb91dcd941448b343f254dae6f201598365614e8c0833cfdb13d8ecd55fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"978bd24a85bba36066bca8fe6e6efa2e"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-BYDMYU6C.js?="; filename*=UTF-8''chunk-BYDMYU6C.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-MHYYK5NG.js
docs-cortex.paloaltonetworks.com/scripts/
85 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-MHYYK5NG.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
d235c4c91fe78558110d71d1e496b45993c38e323db96dcc872c7daf4da9a1a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"19a9c37af35425891362ea6deacbe17a"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?chunk-MHYYK5NG.js?="; filename*=UTF-8''chunk-MHYYK5NG.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
85
server
Apache
chunk-57Y4K4EH.js
docs-cortex.paloaltonetworks.com/scripts/
2 KB
2 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-57Y4K4EH.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
d18af1cfbe6dd17910af9cab9c22996b25870134b6c729384f185595ac9e0b06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"f6cb715c2ae630be62f2bb593d4ce38e"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-57Y4K4EH.js?="; filename*=UTF-8''chunk-57Y4K4EH.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-P7D2D52V.js
docs-cortex.paloaltonetworks.com/scripts/
380 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-P7D2D52V.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
5aa53dd791a227e7ea7d81b129e5349883ae8d31040a9cb3b14ba3e9ff63d6eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"4fe5184b391fb66eb319d5f43cca0e3b"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?chunk-P7D2D52V.js?="; filename*=UTF-8''chunk-P7D2D52V.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
380
server
Apache
chunk-4FNJCQP2.js
docs-cortex.paloaltonetworks.com/scripts/
284 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-4FNJCQP2.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
1a2f6b2001b70d34e8aaa3046527c8a7bf7d80513d69bf09ac164dc3807ed61b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"5df6ffd8042ff2da9da8743cd9b74dcc"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?chunk-4FNJCQP2.js?="; filename*=UTF-8''chunk-4FNJCQP2.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
284
server
Apache
chunk-7ETWSYMA.js
docs-cortex.paloaltonetworks.com/scripts/
4 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-7ETWSYMA.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
94d78a1812d78908981d183bdf47149ab3b287222b32b6f39e90f85d632b23ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"36ad74761c91b49c60169cebb87e1627"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-7ETWSYMA.js?="; filename*=UTF-8''chunk-7ETWSYMA.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-FJDKCNEG.js
docs-cortex.paloaltonetworks.com/scripts/
19 KB
5 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-FJDKCNEG.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
875c8ff6aaed3fa4c07e97aaaed959ebe6bc0492ae994a2ad5a9bf11f681c1e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"16e3fc6e0c75ad7cbc7d95afe9dbbaef"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-FJDKCNEG.js?="; filename*=UTF-8''chunk-FJDKCNEG.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-ULSL7K33.js
docs-cortex.paloaltonetworks.com/scripts/
5 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-ULSL7K33.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
880711612d2c67331c0343d804d7049120ac0bd9aa7416adf94a32aa607cf94f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"eab87eaece5d72a9719b33d78fdd1041"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-ULSL7K33.js?="; filename*=UTF-8''chunk-ULSL7K33.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-CDWJMZAY.js
docs-cortex.paloaltonetworks.com/scripts/
9 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-CDWJMZAY.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
448808f0f45df31e5b27677bcdcef01bdf9f5eea24b6c676d33f00f02a39357a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"7013e4f042e39f852ba472a4ccd90698"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-CDWJMZAY.js?="; filename*=UTF-8''chunk-CDWJMZAY.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-UFTLPMK7.js
docs-cortex.paloaltonetworks.com/scripts/
12 KB
6 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-UFTLPMK7.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
7967610c069890d204fbc49de2d43a79a07841db35a0e2f1ce6332fb7786d7b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"7dcc71a2a4f062bbb756390f163fa615"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-UFTLPMK7.js?="; filename*=UTF-8''chunk-UFTLPMK7.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-MJVFR2N3.js
docs-cortex.paloaltonetworks.com/scripts/
11 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-MJVFR2N3.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
76e181e20e15f6c7d400e844519244cc8076f5207a2515fb1d7183954f54ce7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"b9d6f28535cc51e6449d35205a63a963"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-MJVFR2N3.js?="; filename*=UTF-8''chunk-MJVFR2N3.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-NODMVVME.js
docs-cortex.paloaltonetworks.com/scripts/
9 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-NODMVVME.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
eabc6ee98e32d9bf227d27869758416460d6e98c6b1113e405262368ba4e1856
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"d18a41c3e378eddacf03bc9a31de4184"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-NODMVVME.js?="; filename*=UTF-8''chunk-NODMVVME.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-VM4YGZRF.js
docs-cortex.paloaltonetworks.com/scripts/
203 KB
50 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-VM4YGZRF.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
479f8ba015b11b949744ba9966daee3ea2831dd186f88678a62e8c230829b1e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-app-context-dependencies.js?v=db8db3f1

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"f631f4ff9d9dab9d43a97ea09dae61b5"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:15 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-VM4YGZRF.js?="; filename*=UTF-8''chunk-VM4YGZRF.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011
217 B
823 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Server
34.251.39.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-39-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72c2383e463311052a6bc4fd1b02be6ba5103d1d9153c73396c78278a38c9420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0a91a9100.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
RM18ActzSks=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
content-length
209
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/json;charset=utf-8
vary
Origin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9A531C8B532965080A490D4D%40AdobeOrg&d_nsid=0&ts=1730476636011
dcs
dcs-prod-irl1-1-v067-0955a6c5b.edge-irl1.demdex.com 0 ms
pragma
no-cache
access-control-allow-credentials
true
x-tid
WWApbudtQIo=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Fri, 01 Nov 2024 15:57:16 GMT
vary
Origin
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/fde2d38db50b/launch-4c3207301e79.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:796::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:57:16 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12687
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/x-javascript
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-N73Y2HZ540&gtm=45je4au0v895757107za200&_p=1730476635862&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~1...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1678028459.1730476636&dbk=16506000716202251635&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4au0v895757107za200&npa=1...
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1678028459.1730476636&dbk=16506000716202251635&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4au0v895757107za200&npa=1&tid=G-N73Y2HZ540&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%3F
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1678028459.1730476636&dbk=16506000716202251635&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4au0v895757107za200&npa=1&tid=G-N73Y2HZ540&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
500
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
js
www.googletagmanager.com/gtag/
399 KB
129 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N73Y2HZ540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d6b7a8ceeb3acd56646aa4e063bf5da5c1f2ac80310482766dc0de87f2d23cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 15:57:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131998
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
425 KB
137 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/fde2d38db50b/launch-4c3207301e79.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c889cdd2cd27812be32e462552587eea9a4e6af19c8d4cf40ddd2979c5929ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 15:57:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140594
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KS2MELEEFC&gtm=45je4au0v880354802za200zb895757107&_p=1730476635862&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101899381~101925629&cid=1678028459.1730476636&ul=fr-fr&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&uid=&sid=1730476636&sct=1&seg=0&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%2Fr%2FCortex-XDR%2FCortex-XDR-Analytics-Alert-Reference-by-data-source%2FSuspicious-Azure-AD-interactive-sign-in-using-PowerShell&dt=Palo%20Alto%20Networks%20documentation%20portal&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&tfd=561
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
565 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KS2MELEEFC&cid=1678028459.1730476636&gtm=45je4au0v880354802za200zb895757107&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101899381~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS2MELEEFC&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.fr/ads/
42 B
63 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KS2MELEEFC&cid=1678028459.1730476636&gtm=45je4au0v880354802za200zb895757107&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101899381~101925629&tag_exp=101533422~101823848~101878899~101878944~101899381~101925629&z=1327389489
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 01 Nov 2024 15:57:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
id
sstats.paloaltonetworks.com/
48 B
482 B
XHR
General
Full URL
https://sstats.paloaltonetworks.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=9A531C8B532965080A490D4D%40AdobeOrg&mid=17517353432947290971970192981346390670&ts=1730476636200
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9273d4aedcd2/fde2d38db50b/launch-4c3207301e79.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
73a23cb1a3cab9690a34a81464683cfbae0d928ebb8d0fb0f723e98cd8e00738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
p3p
CP="This is not a P3P policy"
content-length
48
date
Fri, 01 Nov 2024 15:57:16 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
s99089710777918
sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LEWM/
43 B
329 B
XHR
General
Full URL
https://sstats.paloaltonetworks.com/b/ss/panw-prod/1/JS-2.25.0-LEWM/s99089710777918
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

etag
3716170279361642496-4618418962580383534
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 15:57:16 GMT
p3p
CP="This is not a P3P policy"
date
Fri, 01 Nov 2024 15:57:16 GMT
last-modified
Sat, 02 Nov 2024 15:57:16 GMT
vary
*
content-type
image/gif;charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
content-length
43
x-xss-protection
1; mode=block
server
jag
fluidtopicsclient-hostframe.html
docs-cortex.paloaltonetworks.com/ Frame 2AA9
59 B
1 KB
Document
General
Full URL
https://docs-cortex.paloaltonetworks.com/fluidtopicsclient-hostframe.html
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/fluidtopicsclient.nocache.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
57b698deea36dbf8ac3a0e328e674aab751cd6d3be66a9040012c024169f4c3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000, private
content-disposition
inline; filename="=?UTF-8?Q?fluidtopicsclient-hostframe.html?="; filename*=UTF-8''fluidtopicsclient-hostframe.html
content-length
59
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
content-type
text/html;charset=UTF-8
date
Fri, 01 Nov 2024 15:57:16 GMT
etag
W/"c0dbde4b3ea5b616f46796fb6faa77c1"
front
front04 vtr
ft-called-app
ft/server
ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
referrer-policy
same-origin
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
favicon.ico
docs-cortex.paloaltonetworks.com/
15 KB
3 KB
Other
General
Full URL
https://docs-cortex.paloaltonetworks.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
5d967a2b624b90757d568b0219ca3a115cb7c6fd3f37ab88d606a97fd6824e19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"536d59812a689c71c52e0c9ed835a9c7"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
image/vnd.microsoft.icon
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?favicon?="; filename*=UTF-8''favicon
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
session
docs-cortex.paloaltonetworks.com/internal/api/webapp/authentication/
67 B
1 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/authentication/session
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
8a690be4b9630d2e5802b451e265cfe6e2d9bdbe87e51ea331466d5c5d36a7da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
portal
docs-cortex.paloaltonetworks.com/internal/api/webapp/messages/en-US/get/
58 KB
18 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/messages/en-US/get/portal
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
584c3deadc3a408481e0565cb057f103f5a374c7cf35b152afcc2ef6ccf1287f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"5870387e47024405b0bdb2398f9f244e"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?portal-messages.json?="; filename*=UTF-8''portal-messages.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
89.cache.js
docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/
2 MB
489 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/89.cache.js
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
13cb093a166ef62523fa22557409f21028d03861d7d47f3377b384730c0cfda3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
66.cache.js
docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/
99 KB
26 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/66.cache.js
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
3c52fc6951b0ca61c9e1406315d0e68a1b42895d6491b4bf070e7cc16712a1bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
82.cache.js
docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/
2 KB
2 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/deferredjs/64085CAD2D2F85602A7A4183CDD9E704/82.cache.js
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e5adf6bf8372a11e3816913e0f7fab71f8af29ec565c74cb7bf1a83a6a6fed16
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/javascript
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
material-icons.css
docs-cortex.paloaltonetworks.com/assets/fonts/Material/
568 B
1 KB
Stylesheet
General
Full URL
https://docs-cortex.paloaltonetworks.com/assets/fonts/Material/material-icons.css
Requested by
Host:
URL: fluidtopicsclient-89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
f5330a41a28d1a1c683229854c189756b30b8c9ab29152eb59b005875c94b480
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/css
vary
Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
308
server
Apache
ft-tabs.js
docs-cortex.paloaltonetworks.com/scripts/
169 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/ft-tabs.js?v=db8db3f11631e9fd63112a37837601ea
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
dc2e26023f0ac68dad85e812c26a9416851d7f8aa5f6098afaf47e7c54d74d13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"56b059782f9f42439e72506fdbdd469c"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-tabs.js?="; filename*=UTF-8''ft-tabs.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
169
server
Apache
ft-copy-block.js
docs-cortex.paloaltonetworks.com/scripts/
253 B
1 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/ft-copy-block.js?v=db8db3f11631e9fd63112a37837601ea
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
037ff844a958b9ccde5027fb486e24eba296b82c1962fdd1cb7c13775aaa8549
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"90e23de7a5aa5eb3b9b4917caa2006c9"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-copy-block.js?="; filename*=UTF-8''ft-copy-block.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
253
server
Apache
fluidtopicsclient-reader.css
docs-cortex.paloaltonetworks.com/stylesheets/
63 KB
10 KB
Stylesheet
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/fluidtopicsclient-reader.css?v=43f3943e
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e691da72f32661bace9782f9ab43419911b351af8744b28c63d23d26f9a8d22e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"0e1827d5e8e531d5abc8319edb853de0"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/css;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?fluidtopicsclient-reader.css?="; filename*=UTF-8''fluidtopicsclient-reader.css
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
reader
docs-cortex.paloaltonetworks.com/internal/api/webapp/pretty-url/
72 B
1 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/pretty-url/reader
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
d48df608b77b48b632e5d8c51753b23d9d28bb746038ee73f0f141605dba97d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
POST
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
ft-search-bar.js
docs-cortex.paloaltonetworks.com/scripts/
477 B
2 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
bbd6c8fd04907887f8753d547d56493f8dd8f7797d98c9f5b92c02ea9afbd5af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"3167e2e95889b94ec68ebaad47a6106a"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?ft-search-bar.js?="; filename*=UTF-8''ft-search-bar.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
477
server
Apache
nav-icon
docs-cortex.paloaltonetworks.com/portal-asset/
636 B
2 KB
Image
General
Full URL
https://docs-cortex.paloaltonetworks.com/portal-asset/nav-icon
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
dc89e3306722ec6c90c2c1dac92ae6641ba4492ca1f98534351fd43c4b7fc9cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"c30e2924ecb92ef34adc908c83821f22"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?nav-icon.svg?="; filename*=UTF-8''nav-icon.svg
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
636
server
Apache
PANW-logo
docs-cortex.paloaltonetworks.com/portal-asset/
17 KB
18 KB
Image
General
Full URL
https://docs-cortex.paloaltonetworks.com/portal-asset/PANW-logo
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
2003684d0dca4a5838a3fa6c7f4a8bcb44f09e64e2758acc30e9b746263f6079
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"6ab78aef39bc5e6442acc7dca6a3fa43"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
image/png
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?PANW-logo.png?="; filename*=UTF-8''PANW-logo.png
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
17455
server
Apache
Lato-Regular.ttf
docs-cortex.paloaltonetworks.com/stylesheets/custom-font/
642 KB
645 KB
Font
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/custom-font/Lato-Regular.ttf
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"d37437612f5e82f8ce0d4202eb44fc06"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
font/ttf
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?Lato-Regular.ttf?="; filename*=UTF-8''Lato-Regular.ttf
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
657212
server
Apache
panicons.ttf
docs-cortex.paloaltonetworks.com/public/fonts/
4 KB
5 KB
Font
General
Full URL
https://docs-cortex.paloaltonetworks.com/public/fonts/panicons.ttf?a1st23
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
42f3e672136882597f7cc2fb6a8177bafe9b062f7acd3f5331634777bc3c7017
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"63171fc567ce90c9fbcc57b9828fd328"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
font/ttf
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?fonts/panicons.ttf?="; filename*=UTF-8''fonts%2Fpanicons.ttf
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
3584
server
Apache
fticons.ttf
docs-cortex.paloaltonetworks.com/assets/fonts/
48 KB
27 KB
Font
General
Full URL
https://docs-cortex.paloaltonetworks.com/assets/fonts/fticons.ttf
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/fluidtopicsclient.css?v=93b9eca9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
739f0ba9975fe059f3f1d97cb59ecf6dbda19e61df65c687882a6952ae139812
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/fluidtopicsclient.css?v=93b9eca9

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
application/x-font-ttf
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
last-modified
Tue, 29 Oct 2024 13:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-6UX2TWIE.js
docs-cortex.paloaltonetworks.com/scripts/
12 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-6UX2TWIE.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
6eff707da794018e192819e6b66241004edbad64c4bfc966a3ee09eac478e39d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-tabs.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"1b4396ad36166c24435b11ac16842dfc"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:16 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-6UX2TWIE.js?="; filename*=UTF-8''chunk-6UX2TWIE.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-UUWBUX2E.js
docs-cortex.paloaltonetworks.com/scripts/
53 KB
12 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-UUWBUX2E.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
0ff8694067a6c2dbccbe41cc487dc089d17fcc354d83d78edc220a522245c334
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"eab6539ffa814e9edeee803512df5a0d"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-UUWBUX2E.js?="; filename*=UTF-8''chunk-UUWBUX2E.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-NRJBF6LV.js
docs-cortex.paloaltonetworks.com/scripts/
2 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-NRJBF6LV.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
313f94c2716c926d55aac0ce065856064d01c641ca36595a60539f5f5c92c02a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"e1584e92e9dd292d94b1dd49e60099d0"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?chunk-NRJBF6LV.js?="; filename*=UTF-8''chunk-NRJBF6LV.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
1661
server
Apache
chunk-HIMX5DE7.js
docs-cortex.paloaltonetworks.com/scripts/
33 KB
8 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-HIMX5DE7.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
debd7429c4e4baf2f8b12f6723ac7b03db3ae763fec376018c0c9287497c9528
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"dd4a7a44ecb19b610a187e6bddf94d94"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-HIMX5DE7.js?="; filename*=UTF-8''chunk-HIMX5DE7.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-MWJPRFH6.js
docs-cortex.paloaltonetworks.com/scripts/
2 KB
2 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-MWJPRFH6.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
0bf90f464ef1d2f5bd05e8d5fce8d3a0f2a384c0bc8a88a771332e47dcbd35d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"52b514f5fd060639f4b4783488ec4ca3"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-MWJPRFH6.js?="; filename*=UTF-8''chunk-MWJPRFH6.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-JSKBOQXF.js
docs-cortex.paloaltonetworks.com/scripts/
8 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-JSKBOQXF.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
049e2885be2ff2d2fee61bdafccc639406ea6d85cde2b04977d5cb299a1c542b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"e7a21cfa637edae83820c02af1361b7e"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-JSKBOQXF.js?="; filename*=UTF-8''chunk-JSKBOQXF.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-3RX64RY6.js
docs-cortex.paloaltonetworks.com/scripts/
5 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-3RX64RY6.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
6db1682e04c87cefaee9c2f0a1ce0cebd850833c35e9db9b5d451bb80a2e5480
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"e9500e09dca5e76bac7fb6a66c174671"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-3RX64RY6.js?="; filename*=UTF-8''chunk-3RX64RY6.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-6GH3XSAF.js
docs-cortex.paloaltonetworks.com/scripts/
5 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-6GH3XSAF.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
3ce95e02d21100ea9361549115a5b7eebbf806f9adee2a35ae5d7eb3f469bc3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"32533efd9e0710f5ca935ccbaa9e732e"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-6GH3XSAF.js?="; filename*=UTF-8''chunk-6GH3XSAF.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-G4RGYRPS.js
docs-cortex.paloaltonetworks.com/scripts/
13 KB
5 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-G4RGYRPS.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e916c192b1f341ac51119054eb861112214dc5076d322c7f4396fc99eed6dc2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"df53d5e0574da1e3b6abcbbf3d41802d"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-G4RGYRPS.js?="; filename*=UTF-8''chunk-G4RGYRPS.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-RPFLTGJX.js
docs-cortex.paloaltonetworks.com/scripts/
10 KB
4 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-RPFLTGJX.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
34b5ec4d0f4356161f1c6209fa008d80e9aae266e82e8ef5c1c554f64357ecb3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"0d80382e1ba3c26ce325d404d089c8d7"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-RPFLTGJX.js?="; filename*=UTF-8''chunk-RPFLTGJX.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
chunk-SNP7HKNV.js
docs-cortex.paloaltonetworks.com/scripts/
6 KB
3 KB
Script
General
Full URL
https://docs-cortex.paloaltonetworks.com/scripts/chunk-SNP7HKNV.js
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
9fbe6d09da1432f1b44016a1a5f6a628ca79dd41e7443ce4f453af474529ab7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/scripts/ft-search-bar.js?v=db8db3f11631e9fd63112a37837601ea

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
etag
W/"ae37934e542eba01c5a9e8bf888736af"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
text/javascript;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?chunk-SNP7HKNV.js?="; filename*=UTF-8''chunk-SNP7HKNV.js
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
max-age=2592000, private
referrer-policy
same-origin
accept-ranges
bytes
server
Apache
toc
docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/
552 KB
125 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/toc?
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
ae53db2402d22d8a7a52bb827daebdffa6c714fd9dc5239100dd72930acae055
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
relatives
docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/
146 B
1 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/relatives
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
eed1d49ae002e4b16088a80ef56375b75de350ac5cb012887b9027f07399a32f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
events
docs-cortex.paloaltonetworks.com/internal/api/webapp/
0
960 B
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/events
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
POST
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
referrer-policy
same-origin
front
front04 vtr
content-length
0
date
Fri, 01 Nov 2024 15:57:17 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
Apache
rating
docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/
85 B
1 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/rating
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
dad937c9740dd754bc8f6543da07d1d3c5dc1a3b6a27df3795e082a3d784f94e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
attachments
docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/
2 B
1 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/maps/4Hln3uAzOoghfibqdPDRfw/attachments
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
GET
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
request
docs-cortex.paloaltonetworks.com/internal/api/webapp/reader/topics/
93 KB
7 KB
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/reader/topics/request
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
7158c8ec5a2fa5b149493bb53b9b18de5a58390fb1d71a38595ea1351c2615c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
POST
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
content-encoding
gzip
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-disposition
attachment; filename="=?UTF-8?Q?api.json?="; filename*=UTF-8''api.json
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
referrer-policy
same-origin
server
Apache
pa-chevron-up-solid
docs-cortex.paloaltonetworks.com/portal-asset/
459 B
2 KB
Image
General
Full URL
https://docs-cortex.paloaltonetworks.com/portal-asset/pa-chevron-up-solid
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
4db50ce10a07c95fb2c0d5be4eaf6a2f21a19d70b062517d1e210b4ec82cbb58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"c89f1295a6912574dbf8e1d3abb7ce85"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?pa-chevron-up-solid.svg?="; filename*=UTF-8''pa-chevron-up-solid.svg
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
459
server
Apache
Lato-Bold.ttf
docs-cortex.paloaltonetworks.com/stylesheets/custom-font/
642 KB
644 KB
Font
General
Full URL
https://docs-cortex.paloaltonetworks.com/stylesheets/custom-font/Lato-Bold.ttf
Requested by
Host: docs-cortex.paloaltonetworks.com
URL: https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://docs-cortex.paloaltonetworks.com
Referer
https://docs-cortex.paloaltonetworks.com/stylesheets/customizations.css?v=73c774bd

Response headers

ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
etag
W/"d37437612f5e82f8ce0d4202eb44fc06"
front
front04 vtr
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 15:57:17 GMT
content-type
font/ttf
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-disposition
attachment; filename="=?UTF-8?Q?Lato-Bold.ttf?="; filename*=UTF-8''Lato-Bold.ttf
strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
cache-control
no-cache, must-revalidate, private
referrer-policy
same-origin
accept-ranges
bytes
content-length
657188
server
Apache
events
docs-cortex.paloaltonetworks.com/internal/api/webapp/
0
958 B
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/events
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
POST
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
referrer-policy
same-origin
front
front04 vtr
content-length
0
date
Fri, 01 Nov 2024 15:57:18 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
Apache
events
docs-cortex.paloaltonetworks.com/internal/api/webapp/
0
961 B
XHR
General
Full URL
https://docs-cortex.paloaltonetworks.com/internal/api/webapp/events
Requested by
Host:
URL: fluidtopicsclient-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.189.227 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-189-227.eu-west-3.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Ft-Calling-App-Version
5.0.21
Referer
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Analytics-Alert-Reference-by-data-source/Suspicious-Azure-AD-interactive-sign-in-using-PowerShell
Ft-Origin-Page-Type
unknown
X-HTTP-Method-Override
POST
Ft-Calling-App
ft/turnkey-portal
Ft-Origin-Type
unknown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
ft-called-app-version
5.0.21:dd2be6894d023133f25fb7c5b7806656f3e9e9c0
ft-called-app
ft/server
content-security-policy
frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
ft-calling-app-version
5.0.21
ft-calling-app
ft/turnkey-portal
report-to
{ "group": "csp-violation-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations" } ] }
x-content-type-options
nosniff
referrer-policy
same-origin
front
front04 vtr
content-length
0
date
Fri, 01 Nov 2024 15:57:20 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
Apache
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N73Y2HZ540&gtm=45je4au0v895757107za200&_p=1730476635862&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1678028459.1730476636&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730476636&sct=1&seg=0&dl=https%3A%2F%2Fdocs-cortex.paloaltonetworks.com%2Fr%2FCortex-XDR%2FCortex-XDR-Analytics-Alert-Reference-by-data-source%2FSuspicious-Azure-AD-interactive-sign-in-using-PowerShell&dt=Palo%20Alto%20Networks%20documentation%20portal&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5428
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N73Y2HZ540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://docs-cortex.paloaltonetworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:57:21 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FluidTopicsClientConfiguration object| fluidtopics function| fluidtopicsclient object| __gwt_activeModules function| __gwt_getMetaProperty string| __gwt_ft_moduleBase function| __gwt_isKnownPropertyValue object| __gwt_stylesLoaded function| gtag object| dataLayer function| toggleMenu function| handle_tab_click_event function| manage_tabs function| deferer object| hljsScript object| hljsStyle function| copyContent function| addMessage function| formatDateToDDMMYYYY function| addBreadCrumbToSubHeader function| glossary function| createGlosstermTooltip function| handleTooltipPosition function| escapeRegExp function| cloneAttributes function| cleanPreviousSearch function| highlighter function| highlightContent function| findQuery function| openCollapsibleOnHightlight function| openCollapsible function| updateCautionTitle function| checkRetirementBanner function| addRetirementBanner function| fillElement function| getTemplate function| toggleItems function| closeItems function| addEvent function| buildPaloAltoTiles object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| ftReduxStores object| ftGlobals object| FluidTopicsI18nService object| FluidTopicsCustomI18nService object| FluidTopicsAppInfoStoreService object| FluidTopicsHighlightHtmlService object| FluidTopicsGenerativeAIService object| fluidTopicsExternalComponentsInfo object| hljs object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| AppMeasurement function| s_gi function| s_pgicq object| s function| jspbGetTypeName object| google_tag_manager_external string| f0 number| d object| eo number| y function| cookieWrite function| cookieRead string| g object| s_i_panw-prod object| goog object| FluidTopicsOfflineService object| FluidTopicsAuthenticationService object| FluidTopicsLoggingService function| setUnauthenticatedUserSearchPreferences function| getUnauthenticatedUserSearchPreferences function| addUnauthenticatedUserSearchPreferencesChangeHandler object| FluidTopicsRouterService object| FluidTopicsNotificationService object| FluidTopicsUserFeaturesService function| GwtPotentialElementShim string| fluidTopicsBaseUrl object| proto object| invible

18 Cookies

Domain/Path Name / Value
docs-cortex.paloaltonetworks.com/ Name: FT_SESSION
Value: 9bf80db4-05cc-4ca6-ad76-88567ea8c412
docs-cortex.paloaltonetworks.com/ Name: FT_LOCALES
Value: ui:en-US:default/content:en-US:default
.paloaltonetworks.com/ Name: _ga
Value: GA1.1.1678028459.1730476636
.paloaltonetworks.com/ Name: _ga_N73Y2HZ540
Value: GS1.1.1730476636.1.0.1730476636.0.0.0
.demdex.net/ Name: demdex
Value: 11799200617016370171389089025538628254
.paloaltonetworks.com/ Name: _ga_KS2MELEEFC
Value: GS1.1.1730476636.1.0.1730476636.60.0.0
.paloaltonetworks.com/ Name: AMCVS_9A531C8B532965080A490D4D%40AdobeOrg
Value: 1
.paloaltonetworks.com/ Name: s_ecid
Value: MCMID%7C17517353432947290971970192981346390670
.paloaltonetworks.com/ Name: AMCV_9A531C8B532965080A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C20029%7CMCMID%7C17517353432947290971970192981346390670%7CMCAAMLH-1731081436%7C6%7CMCAAMB-1731081436%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1730483836s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.paloaltonetworks.com/ Name: s_lv
Value: 1730476636280
.paloaltonetworks.com/ Name: s_lv_s
Value: First%20Visit
.paloaltonetworks.com/ Name: s_pv
Value: docs-cortex.paloaltonetworks.com%3Ar%3Acortex-xdr%3Acortex-xdr-analytics-alert-reference-by-data-source%3Asuspicious-azure-ad-interactive-sign-in-using-powershell
.paloaltonetworks.com/ Name: s_vnum
Value: 1733007600280%26vn%3D1
.paloaltonetworks.com/ Name: s_invisit
Value: true
.paloaltonetworks.com/ Name: s_nr30
Value: 1730476636280-New
.paloaltonetworks.com/ Name: s_cc
Value: true
docs-cortex.paloaltonetworks.com/ Name: AWSALB
Value: iWTmwjhKsyVvYp/aR13hRO3rCfw93BoQXgKmgLlR7hE874eoLnFxKMzT9DJcqq628GZX8RTsFSXUPzjscFnuRpS70BHun+bBsskvW4vEZRl46DnB0Z3jHX1boRUo
docs-cortex.paloaltonetworks.com/ Name: AWSALBCORS
Value: iWTmwjhKsyVvYp/aR13hRO3rCfw93BoQXgKmgLlR7hE874eoLnFxKMzT9DJcqq628GZX8RTsFSXUPzjscFnuRpS70BHun+bBsskvW4vEZRl46DnB0Z3jHX1boRUo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.paloaltonetworks.com; report-uri https://docs-cortex.paloaltonetworks.com/internal/api/debug/csp-violations; report-to csp-violation-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
docs-cortex.paloaltonetworks.com
dpm.demdex.net
region1.analytics.google.com
region1.google-analytics.com
sstats.paloaltonetworks.com
stats.g.doubleclick.net
www.google.fr
www.googletagmanager.com
104.17.24.14
142.250.186.99
2001:4860:4802:32::36
216.239.34.36
2a00:1450:4001:829::2008
2a00:1450:400c:c06::9a
2a02:26f0:480:796::1e80
2a04:4e42::485
34.251.39.134
35.181.189.227
63.140.62.17
000044f7bce00bd60ce7771db3792f2cef371ad82f8de3d3b3580cbfeea71eed
037ff844a958b9ccde5027fb486e24eba296b82c1962fdd1cb7c13775aaa8549
049e2885be2ff2d2fee61bdafccc639406ea6d85cde2b04977d5cb299a1c542b
0bf90f464ef1d2f5bd05e8d5fce8d3a0f2a384c0bc8a88a771332e47dcbd35d2
0d6b7a8ceeb3acd56646aa4e063bf5da5c1f2ac80310482766dc0de87f2d23cf
0d6e771550f681cb6d515faed94a0e7bbbacbab427da67fe489a3591294f1965
0e6779ccdf9469e07c05b11645df5dbd1400422d83b44f9b200e378598abfd79
0ff8694067a6c2dbccbe41cc487dc089d17fcc354d83d78edc220a522245c334
1194abf9263e1a85d7d68b8540fcf65e12ce7ee4393dc711005c59b4c5b465d7
13cb093a166ef62523fa22557409f21028d03861d7d47f3377b384730c0cfda3
1a2f6b2001b70d34e8aaa3046527c8a7bf7d80513d69bf09ac164dc3807ed61b
2003684d0dca4a5838a3fa6c7f4a8bcb44f09e64e2758acc30e9b746263f6079
238458268c54845c86f9b830a26b4a8ade5e235b3220c6119e2693c6907b5434
313f94c2716c926d55aac0ce065856064d01c641ca36595a60539f5f5c92c02a
34b5ec4d0f4356161f1c6209fa008d80e9aae266e82e8ef5c1c554f64357ecb3
3c52fc6951b0ca61c9e1406315d0e68a1b42895d6491b4bf070e7cc16712a1bf
3ce95e02d21100ea9361549115a5b7eebbf806f9adee2a35ae5d7eb3f469bc3c
42137474d5d65467208b97d5bcc00886973c8988f6a8ed76aad830fb8bec3c3e
42f3e672136882597f7cc2fb6a8177bafe9b062f7acd3f5331634777bc3c7017
448808f0f45df31e5b27677bcdcef01bdf9f5eea24b6c676d33f00f02a39357a
479f8ba015b11b949744ba9966daee3ea2831dd186f88678a62e8c230829b1e1
4bd7fadf144474144398a48a5805048b7a852071e7c8a6a97d717f6840cc4e91
4db50ce10a07c95fb2c0d5be4eaf6a2f21a19d70b062517d1e210b4ec82cbb58
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
57b698deea36dbf8ac3a0e328e674aab751cd6d3be66a9040012c024169f4c3a
584c3deadc3a408481e0565cb057f103f5a374c7cf35b152afcc2ef6ccf1287f
5aa53dd791a227e7ea7d81b129e5349883ae8d31040a9cb3b14ba3e9ff63d6eb
5b13da21313aadf8177e8ce40d6661de3ee57cf68b508bbd91f28a68340baa03
5d967a2b624b90757d568b0219ca3a115cb7c6fd3f37ab88d606a97fd6824e19
6186b9280b26f6988363a9d8678a9964914497a2b4f5c4a3a14d6ee319f285db
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6db1682e04c87cefaee9c2f0a1ce0cebd850833c35e9db9b5d451bb80a2e5480
6eff707da794018e192819e6b66241004edbad64c4bfc966a3ee09eac478e39d
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
7158c8ec5a2fa5b149493bb53b9b18de5a58390fb1d71a38595ea1351c2615c2
72c2383e463311052a6bc4fd1b02be6ba5103d1d9153c73396c78278a38c9420
739f0ba9975fe059f3f1d97cb59ecf6dbda19e61df65c687882a6952ae139812
73a23cb1a3cab9690a34a81464683cfbae0d928ebb8d0fb0f723e98cd8e00738
74d6cb91dcd941448b343f254dae6f201598365614e8c0833cfdb13d8ecd55fc
76e181e20e15f6c7d400e844519244cc8076f5207a2515fb1d7183954f54ce7d
7967610c069890d204fbc49de2d43a79a07841db35a0e2f1ce6332fb7786d7b5
7ad2857c3d6e7b46809b047d6ddff91fc69c46d7c2cb2765318f7217fe01a3f2
7d69173387c71113b4ec88e5931b1302132ed2b0f1168408cf9bb13825fcf5d7
875c8ff6aaed3fa4c07e97aaaed959ebe6bc0492ae994a2ad5a9bf11f681c1e5
880711612d2c67331c0343d804d7049120ac0bd9aa7416adf94a32aa607cf94f
8a690be4b9630d2e5802b451e265cfe6e2d9bdbe87e51ea331466d5c5d36a7da
94d78a1812d78908981d183bdf47149ab3b287222b32b6f39e90f85d632b23ab
9680ad8fdbafcaeab57beb287a748a04684f9cdab35e6613cd6af76450039bf9
9fbe6d09da1432f1b44016a1a5f6a628ca79dd41e7443ce4f453af474529ab7c
a3bd8a5fbab0ef0e6e25929125c868c3f45a73ef8c6ac482d38a2b200958fc7c
a559f0aff0b836b809200466cbda71650e4be84096403bc45743af926769ac61
ae53db2402d22d8a7a52bb827daebdffa6c714fd9dc5239100dd72930acae055
ae7da493b155941ec365fd77d3ce0a89093d5319d7ab023294de73604d350b9c
b0a29e4b188e69af208c3c7c385f08841939309135738139001d0d8d8e8239c9
bbd6c8fd04907887f8753d547d56493f8dd8f7797d98c9f5b92c02ea9afbd5af
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
c889cdd2cd27812be32e462552587eea9a4e6af19c8d4cf40ddd2979c5929ce6
d18af1cfbe6dd17910af9cab9c22996b25870134b6c729384f185595ac9e0b06
d235c4c91fe78558110d71d1e496b45993c38e323db96dcc872c7daf4da9a1a7
d48df608b77b48b632e5d8c51753b23d9d28bb746038ee73f0f141605dba97d4
dad937c9740dd754bc8f6543da07d1d3c5dc1a3b6a27df3795e082a3d784f94e
dbe442147f0580066888e2c46c66e30994596fc22660322c631478569ba9e8bf
dc2e26023f0ac68dad85e812c26a9416851d7f8aa5f6098afaf47e7c54d74d13
dc89e3306722ec6c90c2c1dac92ae6641ba4492ca1f98534351fd43c4b7fc9cc
debd7429c4e4baf2f8b12f6723ac7b03db3ae763fec376018c0c9287497c9528
e2fda3419c4ae8f6d911e676c65db38a8bfa347324b01160065c6d3195586d09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5adf6bf8372a11e3816913e0f7fab71f8af29ec565c74cb7bf1a83a6a6fed16
e691da72f32661bace9782f9ab43419911b351af8744b28c63d23d26f9a8d22e
e916c192b1f341ac51119054eb861112214dc5076d322c7f4396fc99eed6dc2b
eabc6ee98e32d9bf227d27869758416460d6e98c6b1113e405262368ba4e1856
eed1d49ae002e4b16088a80ef56375b75de350ac5cb012887b9027f07399a32f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10e5cce9564ea3de170bbc1cdd6d978fb5f30f80842c9a420d47e53cab2b83a
f5330a41a28d1a1c683229854c189756b30b8c9ab29152eb59b005875c94b480
fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf